Slashdot Mirror


Spoken Commands Crash Bank Phone Lines

mask.of.sanity writes "A security researcher has demonstrated a series of attacks that are capable of disabling touch tone and voice activated phone systems, forcing them to disclose sensitive information. The commands can be keyed in using touchtones or even using the human voice. In one test, a phone system run by an unnamed Indian bank had dumped customer PINs. In another, a buffer overflow was triggered against a back-end database. Other attacks can be used to crash phone systems outright."

5 of 178 comments

  1. Video of the talk by Tryfen · · Score: 5, Interesting

    You can watch a video of the talk on YouTube - or read the slides at BlackHat.

    Fairly interesting to see how buffer-overflows can occur in the most unlikely places.

    --
    If a square is really a rhombus, why aren't all triangles purple?
  2. Re:One trick by fuzzyfuzzyfungus · · Score: 4, Interesting

    If you have the knack for it, whenever you encounter an IVR is to repeatedly scream a phrase at it, something like 'agent'. Good systems recognize the word and put you through to a human post haste. Shit systems, which are the predominant type, have something like a 30 or 60 second timeout before requiring human help.

    Some systems may actually be responding to the vocal stress cues. In an effort to pretend to care, while minimizing the number of actual humans needed, some designs will prioritize the ones that sound increasingly angry so as to get them dealt with and out of the way. I find that it generally isn't difficult to convincingly emulate boiling rage, and (depending on whether the phone drone knows he is being dumped into a rage call or not) immediately switching to polite-and-businesslike when the human comes on usually works pretty well.

  3. Re:One trick by PRMan · · Score: 5, Interesting

    Pressing 0 works on a little more than half of systems. Make sure you keep pressing 0 in response to every prompt.

    --
    Peter predicted that you would "deliberately forget" creation 2000 years ago...
  4. Re:Good by SlippyToad · · Score: 5, Interesting

    the operator gets on and asks for all that info again....

    I bitched about that once. Turns out, they are killing time while your screen comes up from their glacially-slow system.

    --
    One day I feel I'm ahead of the wheel / the next it's rolling over me / I can get back on / I can get back on
  5. seen it done. not new. by gigne · · Score: 5, Interesting

    Working in the industry, and having to read low level logs all of the time, I see this frequently.
    People will call up, wait for a silence, and after 500ms start pumping down DTMF signals. Often they do this with seemingly random patterns 3-4 times before giving up.
    Often times they retry prompts with longer and longer strings. This is old news.

    I am guessing there is a wardialler in there that is looking for specific systems at the other end. Sort of known phreak attacks.

    Weird things like this exist and have existed for a long time. Hardware and software suppliers check for this now. We routinely check for stuff like this in dev and QA.

    The submitter is doing nothing new, nothing unknown or even clever. These sorts of phreaks are older than I am. meh.

    --
    Signature v3.0, now with 42% less memory usage.
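
A defender-side sketch of the log pattern described in comment 5 (one caller answering the same prompt several times with longer and longer DTMF strings), added here as an example and not part of the thread or any poster's code. The log format, field names, thresholds and sample lines are all constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed sample log in a hypothetical format (not from any real IVR product).
# Each PROMPT line records how many digits the prompt expects (max=).
SAMPLE_LOG = """\
10:00:00.000 call=a1 PROMPT id=pin max=4
10:00:03.100 call=a1 DTMF digits=4821
10:01:00.000 call=b2 PROMPT id=account max=8
10:01:00.520 call=b2 DTMF digits=9#31*7702
10:01:02.000 call=b2 PROMPT id=account max=8
10:01:02.510 call=b2 DTMF digits=44*091#5528017
10:01:04.000 call=b2 PROMPT id=account max=8
10:01:04.505 call=b2 DTMF digits=7#7#0193*88421056693
10:02:00.000 call=c3 PROMPT id=pin max=4
10:02:04.000 call=c3 DTMF digits=12
10:02:06.000 call=c3 PROMPT id=pin max=4
10:02:09.000 call=c3 DTMF digits=1234
"""

# One log line is either a prompt being played or a DTMF string being received.
LINE = re.compile(
    r"^\S+ call=(\S+) (?:PROMPT id=(\S+) max=(\d+)|DTMF digits=([0-9A-D*#]+))$"
)

def suspicious_calls(log_text, min_attempts=3):
    """Return {(call, prompt): [input lengths]} where one prompt was answered
    at least min_attempts times with strictly growing input that ends over-length."""
    current = {}                  # call -> prompt id currently awaiting input
    limits = {}                   # (call, prompt id) -> expected max digits
    attempts = defaultdict(list)  # (call, prompt id) -> DTMF input lengths
    for line in log_text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue              # skip lines that do not parse
        call, prompt_id, max_digits, digits = m.groups()
        if prompt_id is not None:
            current[call] = prompt_id
            limits[(call, prompt_id)] = int(max_digits)
        elif call in current:
            attempts[(call, current[call])].append(len(digits))
    flagged = {}
    for key, lengths in attempts.items():
        growing = all(a < b for a, b in zip(lengths, lengths[1:]))
        if len(lengths) >= min_attempts and growing and lengths[-1] > limits[key]:
            flagged[key] = lengths
    return flagged
```

On the sample, only call `b2` is flagged; the caller who simply retries a short PIN (`c3`) is not.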