Da Voismart Knowledge Base.
DISA (Direct Inward System Access)

DISA(<numeric passcode>[|<context>]) or DISA(<filename>)
The DISA, Direct Inward System Access, application allows someone from 
outside the telephone switch (PBX) to obtain an "internal" system 
dialtone and to place calls from it as if they were placing a call from 
within the switch.
DISA plays a dialtone. The user enters their numeric passcode, followed by
the pound sign (#). If the passcode is correct, the user is then given
system dialtone on which a call may be placed. Obviously, this type
of access has SERIOUS security implications, and GREAT care must be
taken NOT to compromise your security.

There is a possibility of accessing DISA without password. Simply
exchange your password with "no-password".

    Example: exten => s,1,DISA(no-password|local)

Be aware that using this compromises the security of your PBX.

The arguments to this application (in extensions.conf) allow either
specification of a single global passcode (that everyone uses), or
individual passcodes contained in a file. It also allows specification
of the context on which the user will be dialing. If no context is
specified, the DISA application defaults the context to "disa".
Presumably a normal system will have a special context set up
for DISA use with some or a lot of restrictions. 

The file that contains the passcodes (if used) allows specification
of either just a passcode (defaulting to the "disa" context, or
passcode|context on each line of the file. The file may contain blank
lines, or comments starting with "#" or ";". In addition, the
above arguments may have |new-callerid-string appended to them, to
specify a new (different) callerid to be used for this call, for
example: numeric-passcode|context|"My Phone" <(234) 123-4567> or 
full-pathname-of-passcode-file|"My Phone" <(234) 123-4567>.  Last
but not least, |mailbox[@context] may be appended, which will cause
a stutter-dialtone (indication "dialrecall") to be used, if the
specified mailbox contains any new messages, for example:
numeric-passcode|context||1234 (w/a changing callerid).  Note that
in the case of specifying the numeric-passcode, the context must be
specified if the callerid is specified also.

If login is successful, the application looks up the dialed number in
the specified (or default) context, and executes it if found.
If the user enters an invalid extension and extension "i" (invalid) 
exists in the context, it will be used. Also, if you set the 5th argument
to 'NOANSWER', the DISA application will not answer initially.