Software, technology, sysadmin war stories, and more. Feed
Tuesday, August 7, 2012

My attempt to "bounce" audio through a PBX from the inside

Quite some time back, one of my family members worked in a real estate office. I'd sometimes tag along at times when the office wasn't nominally open but there was work to be done regardless. It was all sorts of fun when nobody else was there.

I used to play secretary and would sit at the front desk and just pretend I was routing calls around and dealing with visitors. Obviously, there weren't any calls since they were call-forwarded elsewhere after hours, and people didn't stop by after business hours, but it was fun to imagine it anyway.

Then, at one point, they upgraded their phone system. Instead of those phones which were built like tanks and had a row of square buttons (red hold, plus various white ones for the lines), they had a new digital system. It had all kinds of neat features, buttons, and possibilities.

Naturally, this pretend secretary needed to try it out.

One of the new features was a station to station intercom. This could be done either directly with the handset, or with yet another new feature: the speakerphone. This gave me an idea.

That real estate office was divided into a bunch of individual rooms with two or three agent desks, each with their own phone. I figured I could set up an audio relay. First, I'd connect the master secretary desk phone to phone #1's speakerphone in office #1. Then I'd dial out from the speakerphone on phone #2 in office #1 to phone #1 in office #2, and so on.

Basically, I'd use the phones to hop between rooms, and then turn up the volume on the speakerphones to make it go from one to the next. Then I should be able to close the doors, go out and yell into the secretary's station, and it should come out the far end all garbled and crazy. It should also make a ridiculous racket in between. I wondered just how far I could make it go.

Unfortunately for me (and fortunately for anyone else in the building), it failed. The PBX refused to set up more than one or two intercom calls at a time. That left me unable to get much beyond one hop, and thus my plan was ruined. That's okay though, since there were plenty of other things left to amuse me.

I should mention that this all happened well before I had discovered 2600 or anything of the sort. My idea was just a logical conclusion given access to the system, the instruction manual and a fair bit of free time. The rest just falls into place from first principles.

Phreaking (or indeed, any other kind of hacking) doesn't have to come about from seeing someone else do it first. You can get there all by yourself.