----------------------------------------------------------------------- PAWS - Python Advanced Wardialing System 2.0 2003-2006 by Volker Tanger ----------------------------------------------------------------------- PAWS is an ISDN/analog wardialing software in python. It is designed to scan ISDN connections and for "modern" analog modems (running at 9.6kbit/s or higher). Requirements: * Python 2.3 (or newer) * pySerial module (1.8 or newer) * Linux kernel 2.4 with ttyI-Support ----------------------------------------------------------------------- Usage: ----------------------------------------------------------------------- List all numbers you want to be dialed into the (text) file "dial.lst" in the exact format you find in the example file (you can delete individual ISDN types, though), one in each line - numbers only, no spaces, plus signs, dashes or slashes please. Make sure the device your modem is attached to is set correctly in paws.py in the variable "tty" at the top of the file. Then simply call "./paws.py" and watch - a verbatim full log will be written into paws_dialing.log where CR, LF and TAB will be translated into readable equivalents. That's all... ...because if you need more help, support or have special requests? Then please contact me for a competitive consultant/service offer. Wardialing and modem pentesting is - after the first brainless dial-robot-run - more an art than a quickly taught run-down recipe. ----------------------------------------------------------------------- Caution! ----------------------------------------------------------------------- This tool is designed to be used by knowledgeable people and for lawful purposes *ONLY*. Even then it can cause considerable damage - especially when disconnecting complete campuses by accident (ever crashed an INAX, anyone?). If it is not 100% clear to you and your client/victim what you are about to do and what can happen - do not use this program! When performing a wardialing make damn sure that you have a request/order or at least permission of the line owners to do so. Otherwise you might have to face criminal charges (trespassing, sabotage, DoS, etc). Additionally make sure the client should have all contact details of pen testers where the client can contact them during the test in case something goes wrong. I once wardialed a client who was not aware that his telephone system relayed each and every non-valid number and/or service to the front desk. 50.000 numbers dialed where only 20% were connected. 4 wardialers each running at ~30second intervals. Effectively DoSed the client. ----------------------------------------------------------------------- Shortcut: Distributable under GPL ----------------------------------------------------------------------- Copyright (C) 2003-2006 Volker Tanger This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. or on their website http://www.gnu.org/copyleft/gpl.html -----------------------------------------------------------------------