ANI SpoofingContributed by: opticfiber
An article written for rootsecure.net this past July describes a method for spoofing any CID/ANI number from your voip service, provided there lax in security. According to Rootsecure,"Automated ANI / Caller ID spoofing is setting the number you are calling from without the use of an operator / company PBX system. By far the easiest method thanks to the increasing take-up of internet telephony services are VoIP (Voice over Internet Protocol) service providers who allow you when using their service to set whatever caller ID you like (which is also used as ANI)."
For complete instructions on how to setup CID/ANI spoofing on your voip servoce see the Rootsecure.net instructions
What is Caller ID?
Caller ID is a service provided by most telephone companies (for a monthly cost) which will tell you the number / name of an incoming call. [Definition: Hack FAQ ]
What is ANI?
Automatic Number Identification is a system used by the telephone company to determine the number of the calling party. There are believed to be two types, “FLEX ANI” (used for e.g. verification services such as voicemail) which is relatively easy to spoof, and “Real Time ANI” (used only for billing purposes on e.g. 800 numbers) which is harder to spoof. [Definition: Hack FAQ ]
What is ANI / Caller ID spoofing?
ANI / Caller ID spoofing is setting the ANI / Caller ID on the outgoing call you are making to a 10 digit number of your own choosing. Traditionally it has been a complicated process either requiring the assistance of a cooperative phone company operator or an expensive company PBX system.
What is Automated ANI / Caller ID spoofing?
Automated ANI / Caller ID spoofing is setting the number you are calling from without the use of an operator / company PBX system. By far the easiest method thanks to the increasing take-up of internet telephony services are VoIP (Voice over Internet Protocol) service providers who allow you when using their service to set whatever caller ID you like (which is also used as ANI).
Which VoIP service providers support spoofing?
VoicePulse and Nufone both allow spoofing (verified February 16th 2004, 7th July 2004). IAXtel is understood not to support spoofing.
Is international calling / spoofing possible?
Both Nufone, and VoicePulse Connect support international calling, (dial 011+country code+number) however you may need to modify your extension file to recognise the international format e.g. exten => _011N.,1,Dial,IAX2/username@voipprovider/$ Spoofing using VoicePulse to a UK Ericsson T610 mobile phone / landline with caller ID has been verified working, it displays the calling number (if the number is in the address book it will display the name / photo listed for it instead). The leading zero should be left off when spoofing, eg 20-1111-1111.
[Update: As of 5th June 2004 this no longer appears to work, caller id shows up as "unavailable"]
How can I spoof ANI / Caller ID
Requirements: A spare computer with a Linux compatible network card, basic Linux knowledge, Redhat 9.0 CDs, a broadband Internet connection, a VoIP hardware phone / compatible software phone, an account with a VoIP provider.
Overview of the process:
1. Follow the instructions in Andy Powell’s, “Getting Started With Asterisk” guide for the initial Linux install.
2. Add the following lines to your extension config file in the same context as your SIP phone.
exten => 33,1,Answer
exten => 33,2,AGI(cidspoof.agi)
4. Sign up with a VoIP provider.
5. Add appropriate details into your IAX config file (as issued by your VoIP service provider).
6. Download the cidspoof.agi script changing line 77 to the correct username / hostname for your VoIP IAX service provider, and copy it to /var/lib/asterisk/agi-bin/.
7. Start Asterisk
8. Check your SIP phone has correctly registered / verify you are able to make a SIP to PSTN call.
9. Call extension 33, enter the 10 digit number you wish to spoof from, followed by the 10 digit number you wish to spoof to.
A simpler alternative is to use the command SetCallerID(2121111111) in the "extensions.conf" file direct however it will have to be manually edited and Asterisk reloaded for every call.
Is it possible to get a dial in number to enable remote spoofing?
DID (direct inward dial - USA) / DDI (direct dial inward - UK) numbers are available from both Voicepulse and Nufone with no minimum contract period.
Nufone only offer numbers in the state of Michigan for $7.50 per month. Voicepulse offer a wide variety of area codes / exchanges for $7.99 per month.
What are the other advantages of a DDI / DID number?
1. It can act as an extra phone line.
2. It can run a conference / call centre service, since the line is never busy unless your Asterisk PBX server box says it is.
Is it legal?
It appears to be perfectly legal, as long as it is not used for fraudulent purposes.