WarVOX Download – War Dialing Tool Software

The New Acunetix V12 Engine


WarVOX is a suite of tools for exploring, classifying, and auditing telephone systems. Unlike normal wardialing tools, it works with the actual audio from each call and does not use a modem directly.

WarVOX Download - War Dialing Tool Software


This model allows the tool to find and classify a wide range of interesting lines, including modems, faxes, voice mail boxes, PBXs, loops, dial tones, IVRs, and forwarders. It provides the unique ability to classify all telephone lines in a given range, not just those connected to modems, allowing for a comprehensive audit of a telephone system.

What does WarVOX War Dialing Tool Software Do?

WarVOX requires no telephony hardware and is massively scalable by leveraging Internet-based VoIP providers. A single instance on a residential broadband connection, with a typical VoIP account, can scan over 1,000 numbers per hour. The speed is limited only by downstream bandwidth and the limitations of the VoIP service. Using two providers with over 40 concurrent lines we have been able to scan entire 10,000 number prefixes within 3 hours.

WarVOX War Dialing Tools Features

  • License changed to BSD, no restrictions on commercial use
  • Support number exclusion lists / black lists (regex based)
  • Support for phone number ranges in addition to masks
  • Support for multiple ranges and masks per job
  • Numerous bug fixes and stability improvements
  • Command line script for exporting dial results (bin/export_list.rb)

The resulting call audio can be used to extract a list of modems that can be fed into a standard modem-based wardialing application for fingerprinting and banner collection. One of the great things about the WarVOX model is that once the data has been gathered, it is archived and available for re-analysis as new signatures, plugins, and tools are developed. The current release of WarVOX (1.0.0) is able to automatically detect modems, faxes, silence, voice mail boxes, dial tones, and voices.

It is written in Ruby and designed to be run on any modern Linux distribution.

It was actually merged into the Metasploit Project in August 2011.

WarVOX download here:

warvox-master.zip

Or read more here.

Posted in: Hacking Tools

, , ,


Latest Posts:


Eraser - Windows Secure Erase Hard Drive Wiper Eraser – Windows Secure Erase Hard Drive Wiper
Eraser is a hard drive wiper for Windows which allows you to run a secure erase and completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.
Insecure software versions are a problem Web Security Stats Show XSS & Outdated Software Are Major Problems
Netsparker just published some anonymized Web Security Stats about the security vulnerabilities their online solution identified on their users’ web applications and web services during the last 3 years.
CTFR - Abuse Certificate Transparency Logs For HTTPS Subdomains CTFR – Abuse Certificate Transparency Logs For HTTPS Subdomains
CTFR is a Python-based tool to Abuse Certificate Transparency Logs to get subdomains from a HTTPS website in a few seconds.
testssl.sh - Test SSL Security Including Ciphers, Protocols & Detect Flaws testssl.sh – Test SSL Security Including Ciphers, Protocols & Detect Flaws
testssl.sh is a free command line tool to test SSL security, it checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and more.
Four Year Old libSSH Bug Leaves Servers Wide Open Four Year Old libssh Bug Leaves Servers Wide Open
A fairly serious 4-year old libssh bug has left servers vulnerable to remote compromise, fortunately, the attack surface isn't that big as neither OpenSSH or the GitHub implementation are affected.
CHIPSEC - Platform Security Assessment Framework CHIPSEC – Platform Security Assessment Framework For Firmware Hacking
CHIPSEC is a platform security assessment framework for PCs including hardware, system firmware (BIOS/UEFI), and platform components for firmware hacking.


6 Responses to WarVOX Download – War Dialing Tool Software

  1. Navin May 28, 2009 at 7:54 am #

    OK, I just wanted to ask this to someone who actually knows, so I’ll just blurt it out…..

    is wardialling really still really as important as it was a decade or two ago?? I mean I do know tht many greats started off with stuff like wardialling, but whts really the use of a traditional wardialling in todays scenario of high speed broadband internet??

    please someone clarify……sorry if this seems like a n00b question

  2. Bogwitch May 28, 2009 at 11:52 am #

    Hi Navin,

    You’re right to say it’s not as relevant today as it may have been in the past however, there are still some legacy systems that are connected via modems, some ’emergency access’ points, some network infrastructure and some SCADA stuff.
    The ability to detect PBX, voicemail etc gives an additional avenue where social engineering can be exploited, too.

  3. send9 May 28, 2009 at 4:55 pm #

    Navin: It’s important for many of the reasons you stated. People secure their Internet-facing hosts, but forget about their back-up dial-in modems. Vendors will come in and put a modem on their router/equipment/HVAC system for maintenance purpose without telling the organization, as well. Oftentimes the organization is lulled into a false sense of security, without being aware that this threat exists. They will perform their own security audits, but will not include their dial-in lines. It’s just an area that’s often missed, and one where pen-testers will often have a finding, whereas everything else is in perfect shape. Is it as important as a decade ago? Probably not. But it’s certainly very important.

    And to add to that, there’s not a whole lot of good war dialing software on the market. There are the classics like THCScan and ToneLoc, but they don’t perform a whole lot in the way of intelligent detection of carriers and just don’t scale well for modern environments or larger pen-tests. And then there’s Sandstorm’s PhoneSweep, which is buggy and expensive. So to see something like WarVOX, with its new approach and focus on using VoIP, is pretty exciting.

  4. annon June 5, 2009 at 1:37 am #

    ok my question is: is this legal? because i see it just as war driving only by using ur dial up modem as the “beacon”… thing is i have heard that after the “phone phreaking” age implementations were put in so users could not war dial and if they were caught doing so they might be punished to the full extent of the law!?! am i wrong in saying this might be gray area sofware? I would like to know seeing as how im interested…

    thanks in advance

  5. Bogwitch June 5, 2009 at 3:07 pm #

    As with all forms of penetration testing, without the system owner’s permission would be illegal (in most contries)

    If you try to run a war-dialler without permission from the target owner, expect to get v&

  6. erleko July 1, 2009 at 10:17 pm #

    ye s you will be caught and prosectued.