Features | News | Download | Contact | Projects

iWar is a "war dialer" written completely in C for Unix
types of operating systems (Linux, FreeBSD, OpenBSD, etc). It is
intended for legal phone security equipment auditing.

Everyone loves a screen shot [Version 0.07]

(Note: The development 0.08 code is available via CVS. See the "News" section)

See Da Beave's and Jfalcon's HOPE/2008 talk, "Hacking International Networks and Systems via VoIP" in NYC via Google video

Current Features:

  • Full and Normal logging: Full logging records all possible events during dialing (busy signals, no answers, carriers, etc). By default it only records things that we might find interesting (carriers, possible telco equipment).
  • ASCII flat file and MySQL logging: You can log to a traditional ASCII flat file, and record information into a MySQL database.
  • Dials randomly or sequentially.
  • Remote system identification: When finding a remote modem and connecting, iWar will remain connected and attempt to identify the remote system type.
  • Key stroke marking: When actively "listening" to iWar work, if you hear something interesting, you can manually "mark" it by hitting a key. You can also enter a "note" about something you find interesting.
  • Multiple modem support, because... well, hey - this is "Unix". iWar will support as many modems you can hook up
  • Nice "curses" based display. This means that if you're using iWar from a Linux console or a VT100 based terminal, it should work fine. It's not a escape sequence kludge, but true "curses".
  • Full control over the modem: Unlike other 'kludges', iWar doesn't just open the modem as a typical "file". It controls the baud rate, parity, and CTS/RTS (Hardware flow control) DTR (Data terminal ready). This is important for controlling the modem and making it preform the way you want it to during scanning. For example, DTR hang ups.
  • Blacklisted phone number support: For numbers the system should never dial.
  • Save state: If within the middle of a "wardialing" session you want to quit, you can save the current state to a file. This allows you to come back later and restart iWar where you left off. (via the '-l' option)
  • Load pre-generated numbers: You can load a file (via the '-L' option) of numbers that you want to dial. This is useful if you want to load numbers generated by another routine (perl/shell script/etc).
  • Tone location, if your modem supports it. iWar uses two different methods. The traditional "ATDT5551212w;" (Toneloc) and "silence" detection.
  • Records remote system banners on connection for later review
  • iWar can be used to attack PBX's and Voice mail systems
  • Terminal window so you can watch modem interactions and carrier results in real time
  • Support the IAX2 (Intra-Asterisk eXchange) "Voice over IP" (VoIP) protocol. This allows you to scan without the need of additional hardware! To my knowledge, iWar is the first war dialer with VoIP functionality
  • In IAX2 mode, iWar acts as a "full blown" VoIP client. In this mode, key 0-9, * and # play there DTMF equivalents. In this mode, you can also directly "talk" (using a microphone) with the remote target if so desired.
  • In IAX2 mode, if your VoIP provider supports it, you can "set" your caller ID number (caller ID spoofing).
  • Comes with complete source code and is released under the GNU General Public License.


Da Beave @ HOPE - I'll be at HOPE (Hackers On Planet Earth) giving the talk, "PSTN Based Cartography". I'll be talking about work being done on the new iWar code base. This code base is multi-threaded and has a VoIP analysis engine. Basically, no physical hardware is needed (ie - modems). Below is a video of iWar 0.08 (very beta) operating. If you see me at HOPE, don't hesitate to say "hello" :)

Version 0.08 development code demo - This code has NOT been released yet.

Version 0.08 development code is online via CVS and snapshots

At this point in time, it is probably better to use the CVS/development code rather than the older 0.07/0.071. This version contains all the old features and many new ones. The code base is still changing a lot so the best method is to check out iWar via CVS. To do this, do the following:

$ CVSROOT=:pserver:anonymous@cvs.telephreak.org:/root; export CVSROOT
$ cvs login
(When prompted for a password, simply hit enter)

Once logged in, to check out the 0.08 dev. tree, type:
$ cvs -z9 co -A iwar    # -z9 is optional (for compression)

If CVS is not avaliable to you, you can check our CVS snapshots directory. Note: Snapshot are made when major CVS updates have been made. This means the snapshots directory will lag behind.

New features add to 0.08:

  • Bug fixes and re-write of a lot of back end code (for example, strlcat/strlcpy...)
  • PostgreSQL logging support.
  • HTTP based logging (log to via port 80 to a web application).
  • Now uses getopt_long for easier to understand flags (--npa, --nxx, etc).
  • Completely updated serial back end (this should fix problems with USB/PCMCIA devices).
  • --random-time to generate random times between dialing
  • --daemon support (which allows iWar to work in the background
  • CNAM (Caller ID Name) lookup support via services like http://www.presnap.com and "pay to play" services.
If you're interested in testing the 0.08 branch, I highly suggest you join the iWar mailing list. It is a low volume mailing list and where information about iWar updates are posted.

Gentoo iWar portage (via overlay)

If you're running Gentoo, an easy way to install iWar is via the "Sunrise" overlay. It's simple to do, and a big prop's to TS1K for getting ebuild all setup and work. The current ebuild is for version 0.071 (but TS1K is working on the development code 0.08 ebuild). Anyways, here's the instructions for installation under Gentoo. As "root", type:

# emerge -va layman
# echo "source /usr/portage/local/layman/make.conf" >> /etc/make.conf
# layman -f -a sunrise
# ACCEPT_KEYWORDS="~x86" emerge iwar
You can also use "~amd64". Accepted USE flags are "iax2" and "mysql". To update the "sunrise" overlay from, run the command below from time to time.
# layman -s sunrise
Version 0.071 (semi-stable) is fixes several minor bugs in 0.07.
  • Fixed problem with MySQL logging.
  • Fixed problem with "custom" key stroke logging.
  • Fixed "hang" problem during IAX2 mode when a MySQL error happened.
  • Change "caller id" handling a bit. 0.071 will not allow 'spoofing' as 911.
  • In 'full logging' mode, iWar didn't log timeouts.
  • Added a bunch of user submitted (Thanks!) banners for identifying remote system types
If you're using 0.01-0.07, I highly recommend you updated to this release as it fixes many major bugs. This software is new, so i fully expect there to be bugs. I've taken considerable amount of time to avoid as many bugs as possible by testing the software with every modem I could get my hands on. I'm sure there's some that I've missed. I'd like to thank everyone that has submitted bug reports and feature requests to make iWar better! If you have any questions or wish to report of possible bug, I invite you to join the iWar mailing list (iwar-subscribe@mailman.softwink.com) and letting us know. Please check the FAQ that comes with the tar ball before asking questions! Thanks.

Download Information:

Contact Information: If you need to email me regarding a bug or feature you want added, please consider joining the iWar mailing list (iwar-subscribe@mailman.softwink.com). It's a low volume mailing list. Here's other methods of contact.

Some of Beave's other projects:

I might as well shamelessly plug some other projects I am working on/involved with :)

  • The Deathrow OpenVMS Cluster. This is a cluster of Alpha's and VAXen running OpenVMS in a "cluster" configuration. The system is open for anyone who wishes to use it. I'm also the primary author of OpenVMS Hack FAQ
  • Telephreak. Telephreak is a Asterisk PBX based project. It allows us to play with ideas and features of Asterisk. We have DID's (Direct Inward Dials) in various states and Europe. We give away free voice mail accounts, and the PBX also servers as a conferencing system for "hacker" and "phreak" types.