We can all imagine what it might be like to have all the phones in your office simultaneously assaulted with SPIT calls. In my humble opinion, imagination doesn't do justice to the actual experience; it was maddening enough in a lab setting with only 4 phones simultaneously ringing with SPIT calls.
In the summer of 2006, Mark assigned me the task of producing a tool to generate SPIT calls to demonstrate to customers how aggravating SPIT can be. He also wanted to feature the tool in his Hacking Exposed VoIP book. He suggested I consider the open-source SIPp project as the base program to use for the tool - which wasn't a bad suggestion. In 2006, SIPp was already a useful tool for generating SIP traffic - meaning VoIP signaling traffic, but it wasn't a call generator in the telemarketing sense with any built-in sophisticated call management (signaling and audio). I wanted to be able to generate a lot of simultaneous calls over a VoIP trunk with coordinated audio playback. I could envision taking quite a while to augment SIPp to support that requirement.
With the Internet at my fingertips, I searched to see if anyone out here had already published an open-source SPIT tool. I couldn't find one cached by the major search engines. However, I did find a tool called TeleYapper. It was produced by a guy who wanted to automate his notifications to parents of players on the softball team he coached; things like where/when the next practice or game would be held, weather related cancellations, …etc. He used the @Home version of Asterisk and created an appropriate dial-plan to accomplish his goals. He could call his Asterisk IP PBX from a remote location (e.g. from work), record a message, and have Asterisk begin calling phone numbers stored in a MySQL database to play that message to his softball team's parents. He had it detecting when a voicemail machine answered his call and delayed the notification during the voicemail's greeting. He even had it set up so it would remember to call numbers again that went unanswered or were busy.
TeleYapper pretty much fit the bill for what Mark wanted. It certainly was flexible. It had a license somewhat similar to the GNU open-source license, but not exactly. It did require a MySQL database.
At the time, I had also recently come up-to-speed and was experimenting with Asterisk for a section of the Hacking Exposed VoIP book. Taking inspiration from TeleYapper, I thought I'd let Asterisk do the "heavy lifting" for the SPIT tool. I could produce a fairly simple SPIT dial-plan and a little C program to provoke Asterisk to make calls over a SPIT trunk. I named the little C program "spitter". How original!
spitter requires access to the outgoing spool folder of an Asterisk installation which squat thrusts the SPIT calls for you. I've always run spitter on the same platform where Asterisk is installed, but I suppose spitter could be run on a separate platform with Asterisk's outgoing spool folder mounted remotely. spitter inputs an ASCII file with simply formatted "call records". Each call record stipulates the SPIT trunk (i.e. a dial-plan "context" in Asterisk parlance), the target destination (i.e. phone number), a calling line ID (i.e. text) to supply to the destination, the name of a sound file to play, and the step number of the dial-plan context where the call handling should begin (i.e. the "priority" in Asterisk parlance). spitter merely processes the input file of call records sequentially. It copies a call record within the input file into its own uniquely named "call file". It then moves that file into Asterisk's outgoing spool folder. When Asterisk detects a file within its outgoing spool folder, it automatically launches the call in accordance with the call record found in that file. It removes the call file from its outgoing spool folder when the call completes.
The spitter command line permits you to limit the number of spitter call files present in Asterisk's outgoing spool folder at any one time. The limit lets you do two things: 1) prevents the PC running spitter and Asterisk from becoming saturated; and 2) prevents your telephony trunk from becoming saturated or from violating any service provider imposed simultaneous call limit. In the former case, if you have an input file with a lot of call records (e.g. hundreds), the limit can prevent Asterisk from attempting to launch so many simultaneous calls that you encounter the Linux "too many files open" error. Otherwise, the number of simultaneous calls you can produce is only limited by the robustness of your PC, and the maximum bandwidth of your telephony trunk or a service provider simultaneous call limit.
Naturally, we're not suggesting anyone should actually employ spitter or Asterisk to perpetrate a real-life SPIT gatling gun any more than we would encourage the abuse of TeleYapper as a real-life SPIT platform. spitter is intended for illustrative purposes only. We hope it aids fellow whitehats to produce and test systems to thwart the SPIT calls we all know are coming eventually.
The next time you're thinking of producing a tool that requires a serious level of built-in call management support, consider the open-source Asterisk IP PBX to do your heavy lifting. It supports several signaling protocols and includes useful dial-plan functions. See:
www.asterisk.org
The Hacking Exposed VoIP book contains additional information about spitter and includes examples.
This isn't intended to knock the SIPp project. SIPp is a very useful tool for performance testing a VoIP product. It's great for driving vectors of certain sequences of SIP signaling messages to your target system to verify it is well-behaved.
Mark O'Brien