snide / owen @linuxblog github.com/phreakme (latest slides & … con 25/def con 25... ·...
TRANSCRIPT
![Page 1: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/1.jpg)
AND OTHER FUN TRICKS
Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & Code)
![Page 2: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/2.jpg)
Mandatory Disclaimer The opinions expressed in this presentation and on the following slides are solely those of the presenter. There is no guarantee on the accuracy or reliability of the information provided herein.
All Service Marks, Trademarks, and Copyrights belong to their respective owners.
This is for educational purposes only
![Page 3: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/3.jpg)
Introduction • History / Evolution • Anatomy • How to test • Issue Types • Fun Stuff
![Page 4: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/4.jpg)
About Me Presentations Fun Moved to US in 2000.
![Page 5: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/5.jpg)
![Page 6: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/6.jpg)
So who uses Phones? What industries? Particularly interesting are:
banking/finance Healthcare Insurance Utilities Government Military.
![Page 7: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/7.jpg)
History Sorry, Wrong number DC23 Exploding The Phone (Book) 2013.
![Page 8: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/8.jpg)
History
https://en.wikipedia.org/wiki/Dial-up_Internet_access
![Page 9: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/9.jpg)
History 1996 ICQ, NetMeeting, SMS (UK)
1997 AIM
1998 Yahoo Messenger
1999 MSN Messenger & Asterisk
2001 TeamSpeak & MMS
2002 Yahoo Messenger Chat
2003 Skype Released - MySpace
2004 Facebook
2005 YouTube
2007 iPhone
![Page 10: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/10.jpg)
Recent History • Hangouts • FB Messenger • Signal • Screen Sharing • LiveStreaming • WhatsApp • SnapChat • Kik • etc etc.
![Page 11: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/11.jpg)
PBX’s Why do people run PBX’s? • Reduce Costs • Cheap Calling • "Apps”
• Voicemail • IVR’s • Conferencing • Directories
![Page 12: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/12.jpg)
Basic Deployment
PBX
SoftPhone
SIP Phone ATA
“Phone”
![Page 13: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/13.jpg)
Common Deployment Provider
Provider
Location A Location B
PBX
![Page 14: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/14.jpg)
Large
![Page 15: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/15.jpg)
Deployments
![Page 16: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/16.jpg)
• Translations • Voice
Biometrics • 2FA • Mobile
• Forwarding • BYOD • Apps
• Softphones / Skype
More Tech • Call Monitoring • Voicemail
Transcribing • Call center /
Queue • Ring Groups • Call Backs • Portals • Reporting and
Analytics
![Page 17: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/17.jpg)
DTMF
http://www.genave.com/dtmf.htm https://en.wikipedia.org/wiki/Dual-tone_multi-frequency_signaling
Dual Tone Multi Frequency Can be easily generated
![Page 18: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/18.jpg)
Common Protocols
• SIP • RTP • XMPP • IAX
![Page 19: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/19.jpg)
Codecs • G.711 – ITU-
T • PCM • Alaw • Ulaw
• G.711.0 • G.711.1 • g.722 • GSM
![Page 20: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/20.jpg)
How? Step 1) Figure out what you’re testing
![Page 21: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/21.jpg)
Testing Scope
Blackbox / Whitebox? Info Gathering
![Page 22: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/22.jpg)
Testing Info Gathering • OSINT
• Grab Phone Numbers from Web / Directories.
• Look for patterns • Port Scans • Shodan • Use the Web • Whois has information too!
![Page 23: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/23.jpg)
Externally Testing Testing Via POTS - Regular Phone. Sit and press buttons - Modems and AT commands - Soft Phones
- Any of the major ones - Ekiga, Twinkle ETC.
- Automatable / Scriptable - SipCLI - Sip.Js & JSSip - MJSip
- Use a PBX
![Page 24: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/24.jpg)
My Testing Setup OrangePi 2E Decent Specs Portable
![Page 25: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/25.jpg)
Software Armbian Asterisk Scripting Utilities More on this Later!
![Page 26: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/26.jpg)
Types of Issues 2017 A1: Injection A2: Broken Authentication and Session Management A3: Cross-Site Scripting (XSS) A4: Broken Access Control A5: Security Misconfiguration A6: Sensitive Data Exposure A7: Insufficient Attack Protection A8: Cross-Site Request Forgery (CSRF) A9: Using Components with Known Vulnerabilities A10: Under protected APIs
![Page 27: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/27.jpg)
A1: Injection
Injection Points: Web, Voice, SIP, DTMF Result:
XSS SQL Buffer Overflows Log Contamination
![Page 28: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/28.jpg)
A2: Broken Authentication & Session Management
Mostly Authentication Lack of SSL/TLS for SIP
https://wiki.asterisk.org/wiki/display/AST/Secure+Calling+Tutorial
![Page 29: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/29.jpg)
A3: Cross-site Scripting
Somewhat covered by injection
![Page 30: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/30.jpg)
A4: Broken Access Control
http://example.com/app/accountInfo?acct=notmyacct Given that example, this can be translated into a bad configuration. Either Extensions or AGI Script / App
Related to A5
![Page 31: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/31.jpg)
A5: Security Misconfiguration
• Pretty common • SIP allowguest – Default = yes • 4 Digit passwords for SIP Clients • Conferencing • Default passwords • Weak Passwords • Misconfigured Dial plans & AGI’s
![Page 32: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/32.jpg)
A6: Sensitive Data Exposure
• Voicemail • Conference Calls • Information not available elsewhere
• Similar to the User/Password combination enumeration
• Corp Directories • Full Names, E-Mails • Schedules, out of office
![Page 33: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/33.jpg)
A7: Missing Function Level Access Control
• Caller ID Spoof • User logs in, tries username / pass, fails tries
another. • Systems like voicemail that allow userid,
password separate and prompt for username again is an issue
• Potential with misconfigurations, if put back into another context.
• Reasonable Use
![Page 34: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/34.jpg)
A8: Cross-Site Request Forgery (CSRF)
• Vendors • Web portals and configuration pages are
often vulnerable • In from a phone sense not directly
applicable
![Page 35: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/35.jpg)
A9: Components with Known Vulnerabilities
![Page 36: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/36.jpg)
A9: Components with Known Vulnerabilities
![Page 37: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/37.jpg)
A9: Components with Known Vulnerabilities
![Page 38: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/38.jpg)
A9: Components with Known Vulnerabilities
![Page 39: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/39.jpg)
A9: Components with Known Vulnerabilities
![Page 40: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/40.jpg)
A9: Components with Known Vulnerabilities
http://www.cisco.com/c/en/us/products/unified-communications/ata-180-series-analog-telephone-adaptors/end_of_life_notice_c51-585199.html
![Page 41: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/41.jpg)
A9: Components with Known Vulnerabilities
• How does this apply?
![Page 42: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/42.jpg)
A10 - Underprotected APIs AGI ARI WebRTC
wss://
![Page 43: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/43.jpg)
OWASP Mapping A1: Injection
1: Security Misconfiguration A2: Broken Authentication and Session Management 2: Broken Authentication and Session Management A3: Cross-site Scripting
3: Injection A4: Broken Access Control
4: Using Components with Known Vulnerabilities A5: Security Misconfiguration 5:Broken Access Control A6: Sensitive Data Exposure
6: Insufficient Access Protection A7: Insufficient Access Protection 7: Sensitive Data Exposure A8: Cross-Site Request Forgery (CSRF) 8: XSS A9: Using Components with Known Vulnerabilities 9: Underprotected API’s A10: Under Protected API’s
10: CSRF
![Page 44: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/44.jpg)
Using Asterisk vagrant up Soft Phone Console AGI
https://wiki.asterisk.org/wiki/display/AST/Asterisk+13+Command+Reference
![Page 45: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/45.jpg)
Scenario
![Page 46: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/46.jpg)
Vectors Two Vectors
A. Fat Finger Squat B. Spoofed Target Vish
![Page 47: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/47.jpg)
Vector A - Fat Finger Squat
![Page 48: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/48.jpg)
Vector B – Spoofed Target Vish
Spoofed CID
Hello Can I help?
Talk Recording
Direct
![Page 49: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/49.jpg)
Vector A Demo Time
![Page 50: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/50.jpg)
Result Left with a Recording - What does that contain?
![Page 51: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/51.jpg)
What’s that Sound?
Software - DTMF Decoding
Software - Online (dialabc)
Hardware Decoder with ATA or line out
http://dialabc.com/sound/detect/index.html
![Page 52: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/52.jpg)
Phreak Me PhreakMe (github.com/phreakme)
• Overview • Last Years Changes • More Changes to come
![Page 53: Snide / Owen @LinuxBlog github.com/PhreakMe (Latest Slides & … CON 25/DEF CON 25... · 2017-07-19 · Mandatory Disclaimer The opinions expressed in this presentation and on the](https://reader034.vdocuments.us/reader034/viewer/2022042107/5e86d700bd434d64c54f77cb/html5/thumbnails/53.jpg)
Wrap Up