(Note: The development 0.08 code is available via CVS. See the "News" section)
See Da Beave's and Jfalcon's HOPE/2008 talk, "Hacking International Networks and Systems via VoIP" in NYC via
Full and Normal logging: Full logging records all possible events
during dialing (busy signals, no answers, carriers, etc). By default it
only records things that we might find interesting (carriers, possible
ASCII flat file and MySQL logging: You can log to a traditional
ASCII flat file, and record information into a MySQL database.
Dials randomly or sequentially.
Remote system identification: When finding a remote modem and
connecting, iWar will remain connected and attempt to identify
the remote system type.
Key stroke marking: When actively "listening" to iWar work,
if you hear something interesting, you can manually "mark" it
by hitting a key. You can also enter a "note" about something
you find interesting.
Multiple modem support, because... well, hey - this is "Unix".
iWar will support as many modems you can hook up
Nice "curses" based display. This means that if you're using
iWar from a Linux console or a VT100 based terminal, it should
work fine. It's not a escape sequence kludge, but true "curses".
Full control over the modem: Unlike other 'kludges', iWar
doesn't just open the modem as a typical "file". It controls
the baud rate, parity, and CTS/RTS (Hardware flow control)
DTR (Data terminal ready). This is important for controlling
the modem and making it preform the way you want it to during
scanning. For example, DTR hang ups.
Blacklisted phone number support: For numbers the system
should never dial.
Save state: If within the middle of a "wardialing" session you
want to quit, you can save the current state to a file. This
allows you to come back later and restart iWar where you left off.
(via the '-l' option)
Load pre-generated numbers: You can load a file (via the '-L' option)
of numbers that you want to dial. This is useful if you want to load
numbers generated by another routine (perl/shell script/etc).
Tone location, if your modem supports it. iWar uses two
different methods. The traditional "ATDT5551212w;" (Toneloc)
and "silence" detection.
Records remote system banners on connection for later review
iWar can be used to attack PBX's and Voice mail systems
Terminal window so you can watch modem interactions and carrier results
in real time
Support the IAX2 (Intra-Asterisk eXchange) "Voice over IP" (VoIP) protocol. This allows you to scan without the need of additional hardware! To my
knowledge, iWar is the first war dialer with VoIP functionality
In IAX2 mode, iWar acts as a "full blown" VoIP client. In this mode,
key 0-9, * and # play there DTMF equivalents. In this mode, you can also
directly "talk" (using a microphone) with the remote target if so desired.
In IAX2 mode, if your VoIP provider supports it, you can "set"
your caller ID number (caller ID spoofing).
Da Beave @ HOPE - I'll be at
HOPE (Hackers On Planet Earth) giving
the talk, "PSTN Based Cartography". I'll be talking about work being
done on the new iWar code base. This code base is multi-threaded
and has a VoIP analysis engine. Basically, no physical hardware is
needed (ie - modems). Below is a video of iWar 0.08 (very beta) operating.
If you see me at HOPE, don't hesitate to say "hello" :)
Version 0.08 development code demo - This code has NOT
been released yet.
Version 0.08 development code is online via CVS and snapshots
At this point in time, it is probably better to use the CVS/development code
rather than the older 0.07/0.071. This version contains all the old features
and many new ones. The code base is still changing a lot so the best method is
to check out iWar via CVS. To do this, do the following:
Once logged in, to check out the 0.08 dev. tree, type:
$ cvs -z9 co -A iwar # -z9 is optional (for compression)
If CVS is not avaliable to you, you can check our
directory. Note: Snapshot are made when major CVS updates have been
made. This means the snapshots directory will lag behind.
New features add to 0.08:
Bug fixes and re-write of a lot of back end code (for example, strlcat/strlcpy...)
PostgreSQL logging support.
HTTP based logging (log to via port 80 to a web application).
Now uses getopt_long for easier to understand flags (--npa, --nxx, etc).
Completely updated serial back end (this should fix problems with USB/PCMCIA devices).
--random-time to generate random times between dialing
--daemon support (which allows iWar to work in the background
CNAM (Caller ID Name) lookup support via services like http://www.presnap.com and "pay to play" services.
If you're interested in testing the 0.08 branch, I highly suggest you join the
iWar mailing list. It is a low volume mailing list and where information about
iWar updates are posted.
Gentoo iWar portage (via overlay)
If you're running Gentoo, an easy way to install iWar is via the "Sunrise"
overlay. It's simple to do, and a big prop's to TS1K for getting ebuild
all setup and work. The current ebuild is for version 0.071 (but TS1K is
working on the development code 0.08 ebuild). Anyways, here's the instructions
for installation under Gentoo. As "root", type:
You can also use "~amd64". Accepted USE flags are "iax2" and "mysql".
To update the "sunrise" overlay from, run the command below from time
# layman -s sunrise
Version 0.071 (semi-stable) is fixes several minor bugs in 0.07.
Fixed problem with MySQL logging.
Fixed problem with "custom" key stroke logging.
Fixed "hang" problem during IAX2 mode when a MySQL error happened.
Change "caller id" handling a bit. 0.071 will not allow 'spoofing'
In 'full logging' mode, iWar didn't log timeouts.
Added a bunch of user submitted (Thanks!) banners for identifying
remote system types
If you're using 0.01-0.07, I highly recommend you updated to this
release as it fixes many major bugs.
This software is new, so i fully expect there to be bugs.
I've taken considerable amount of time to avoid as many bugs as possible
by testing the software with every modem I could get my hands on.
I'm sure there's some that I've missed. I'd like to thank everyone that
has submitted bug reports and feature requests to make iWar better!
If you have any questions or wish to report of possible bug, I invite
you to join the
iWar mailing list (email@example.com) and letting us know. Please check the
FAQ that comes with the tar ball before asking questions! Thanks.
Telephreak. Telephreak is a
Asterisk PBX based project. It allows
us to play with ideas and features of Asterisk. We have DID's (Direct Inward Dials) in various states and Europe. We give away free voice mail accounts,
and the PBX also servers as a conferencing system for "hacker" and "phreak"
Everything on the site is GNU, including the site. - Design donated by giddesigns.com