said:

1.can any one from any country can set-up a SIP(really dont know what it is) account and spoof their numbers and make calls?

2.Also for sending spoofed sms what kind of back-end set up we need to have?

3.what kind of set-up they are using?

4.coz are using the site from internet but they are delivering our identity with out a mobile,how is this possible?

5.so i tought the same idea can be used for sending spoofed sms nah?

1. Yes, as far as I'm aware anyone from any country can make an account with any sip provider. Even if you're restricted because of what country you live in, this shouldn't be a problem for you, cuz let's face it, your a hacker (cough, cough, tor).

2. All you need is the sip information and a sip client, and you can send/receive whatever kind of phone information you want. here is a link for references on sip software.


3. If you have a smartphone (which I'm assuming the guy at the seminar had), this could easily be done through an app that uses sip (spoofcard for example). If he didn't have a smartphone, he could also call the sip provider and phone in his username/password, select his desired spoofed number and call whoever.

4. Assuming you live in the states, unless if you threaten to kill someone from a spoofed caller id, they won't be able to find out who actually called because sip providers, as well as phone providers are forbidden by U.S. law to give your information to people calling about your number unless it's under a court order (same as with *67, they can't get your number unless you threaten to kill them and they take you to court).

5. Depending on what kind of sip software you use, yes you can send spoofed sms. If not, I'm sure you could edit/resend packets with different source numbers on them with wireshark (DO NOT ask me for a tutorial on this).

On a side note: If I remember correctly, I believe I once saw an article on how to crack sip information from magic jacks. Nonetheless, magic jacks are fucking amazing, and if you buy them from a store you don't have to input any personal information, even if you did, you wouldn't have to confirm it, unless you bought additional years of service (1 year is included upon purchase of a magic jack). You also have the ability to choose your number with magic jack. Free local/long distance in the U.S. bro, you can't beat it. And if you set it up like I did, you have free international calling to the U.S, and free international calling to your number from the U.S.!

Sorry, didn't mean to try and sell it to you lol, good luck with the quest for knowledge!
Also, some general information on sip can be found here:

Update: Just found the article for hacking sip info from magic jacks.


In regards to the guy who gave the seminar.....white hats will be white hats dude....they'll tell you they did it, but they won't tell you how. Fuckin' lamers, they're worse than script kiddies.

said:

Wow what a nice explanation!,between i seen some sites providing FREE SIP accounts?
and also TBH as i said i dont even know what is a SIP,and how it is used in mobile networks?
And is there any VOIP related hackers forums out there?
i am currently digging this,will post some more questions here :)
and thank you once again for your nice explanation...

sorry it took me so long to get back to you on this. You would have to look for those sites providing free sip accounts, like I said, I just use magic jack.

sip, in it's most basic terms is voip to actual telephones. It's one of a couple of protocols that directly interact with the internet's most important backbone, the telephone system. sip is a by-product of high speed internet. when the world used to solely function on dial-up you could directly call other telephones from your computer, because there was no need to convert from digital to analog as most if not all computers had a telephone modem built into them so that you could send digital information over an analog phone signal. high speed internet came about when the telephone industry switched over to digital. this took away the purpose of computers having telephone modems built into them and thus left you with a digital-to-digital connection with the phone system. however, it was divided between IP(the internet) and PSTN (the global telephone network). sip acts as a voice translator from one to the other.

The above statement is why I lol so hard at noobs who try to war-dial without using dial-up.

Because the internet uses the PSTN as a major backbone, the PSTN has to have an identity on the internet, signifying different nodes and routing points. Today, these would be your ISP's, because I believe most if not all include a package containing Cable TV, Phone, and Internet. Where as like 15 years ago you would have to pay for each service individually. In theory, telephone switches could be accessed from the internet, granted you find the right IP; it should be dually noted that they are still completely accessible through dial-up. You just have to find the right number for the modem (war-dialing), and you also have to know the right username and password.

Sorry about the history lesson lol, but understanding the history of the internet will help you understand how it works today.

As for finding forums on voip hacking....there could be some out there, but as far as I'm aware of, phreakers died with analog telephones. The only reason I know so much is because of my job. Otherwise I probably wouldn't ever care to wonder about telephones.