Direct Inward System Access and Caller ID Spoofing
by iSEPIC
I wanted to share with the community a solution to some of the goals I had for outbound calling (after dialing into a box) using Asterisk, the open-source PBX software, as well as the legitimate need for Caller ID spoofing.
I was inspired by the cidspoof.agi script that you can find out there in the wild. But I was thinking to myself that this can be accomplished without the complexity of that script.
There is the assumption here that your outbound trunk (VoIP provider) will allow you to change the outgoing Caller ID and (yes, some actually do) the outgoing ANI.
My Asterisk system includes:
- Two inbound numbers, one for me and one for my roommate.
- When my roommate dials out (VoIP) from his extension, the Caller ID is his number and the same applies for me.
- While out, when we call friends from our cell phones, our number is blocked, because we want people to use our VoIP numbers to get a hold of us (incoming Asterisk calls are routed to our extension and cell phones per DID).
- Some people don't like "blocked numbers" (myself included).
- We have two VoIP providers (just for backup) and one PSTN line (a regular old telephone line). The PSTN line doesn't really do much - it just has metered service and 911 for about $5 a month but it has unlimited inbound for free.
- I'm running Asterisk 1.21 and Asterisk at Home version 2.1.
- I have a silent auto-attendant on the Asterisk's PSTN line, with the ability to press ** or *** (One will let me call out and have the system spoof the proper Caller ID I want and the other will allow me to dial out using any outbound Caller ID I enter.)
So I made some goals:
- Allow each of us to dial in using the PSTN number and dial out using one of the VoIP providers.
- When we do this, I want the Caller IDs to match. I don't want people he calls to see my number, nor do I want them to see the PSTN number (hence only dial out via VoIP providers who allow you to spoof your CID).
- I also want to be able to spoof any number so I can play tricks when I'm feeling silly (you know, to your friends, not to the bank, etc.).
- I really don't like the cidspoof.agi script out there. I know this can be done a lot easier.
So, for my Auto Attendant I have option ** and *** and they point to a custom like custom-disa,s,1 and I also placed these in my from-internal-custom so I could test from one of my internal extensions.
For those who don't know, VMAuthenticate() will ask for a mailbox and password.
This is how I identify myself or my roommate on the Direct Inward System Access (DISA) so I can make his or my Caller ID match who we are. Also, this allows the password to remain hidden (both here in this text and in the logs - I think!)
Place the following in your extensions_custom.conf file.
As of today, VoIP providers that I know of that allow you to change your outbound Caller ID include, in no particular order: Nufone, Teliax, IAX.cc, VoicePulse.
[from-internal-custom] exten => **,1,Answer exten => **,n,Goto(custom-disa,s,1) exten => **,n,Hangup exten => ***,1,Answer exten => ***,n,Goto(custom-spoof,s,1) exten => ***,n,Hangup [custom-disa] exten => s,1,Answer exten => s,n,VMAuthenticate() ; Authenticate using the voicemail system, person enters their extension and pw exten => s,n,GotoIf($["${AUTH_MAILBOX}" = "2000"]?s|1000) ; if person who owns mailbox 2000 was authenticated above, goto 1000 exten => s,n,GotoIf($["${AUTH_MAILBOX}" = "2001"]?s|2000) exten => s,n,Congestion exten => s,1000,SetCallerID("Person1" <0001112222>|a) ; change caller ID & ANI to the phone number for person 1 exten => s,1001,goto(s,3000) exten => s,2000,SetCallerID("Person2" <0002221111>|a) ; change caller ID & ANI to the phone number for person 2 exten => s,2001,goto(s,3000) exten => s,3000,Playback(outside-transfer) exten => s,3001,DISA(no-password|from-internal) [custom-spoof] exten => s,1,Answer exten => s,n,VMAuthenticate() ; Asks for the VM box number, and PW exten => s,n,DigitTimeout(5) exten => s,n,ResponseTimeout(25) exten => s,n,Read(Secret,pls-ent-num-transfer,10) ; input 10 touch-tones, plays this sound file exten => s,n,NoOp(${Secret}) exten => s,n,SetCallerID("Spoof"<${Secret}>|a) ; this sets your outbound CID and ANI (|a) exten => s,n,Playback(pls-entr-num-uwish2-call) exten => s,n,DISA(no-password|from-internal) ; DISA routine, and context you with to dial from exten => s,n,Hangup exten => s,102,Playback(goodbye) ; failover if your authenticate fails it goes to +101 exten => s,103,HangupGreetz to BrothaReWT and bi0metric.