Here are the most popular articles or posts published since I opened up the SIPVicious blog (July 2007):
- The SIPVicious introduction animation - I guess people just dig something that they can just sit back and watch. The 5-minute video takes you through downloading the tool suite, identifying a target and up to cracking a SIP phone extension.
- svmap usage - shows you how to make use of svmap, which is part of the tool suite, and how each option can be used to scan a target network or just one host.
- Getting Started - explains how to make use of SIPVicious for the first time. Includes hints on how to quickly set up a test environment with Trixbox (a free PBX Linux distro), identify the PBX with svmap, find out which extensions work with svwar and finally crack the password with svcrack.
- SIPtap and tapping phone calls - SIPtap generated a lot of buzz, and my comments got a bit of Google traffic simply because everyone seemed to be searching for “siptap download”.
- Server impersonation and SIP and More on INVITEing phones to ring - These two posts described a feature of most SIP devices and softphones which allows anyone who can reach the phone via the network to get it to ring and generate a call. We tested various SIP phones for this and reported back on the blog.
- How to get the job done - a short fictitious story describing how an internal attacker can make use of SIPVicious tools to launch some interesting attacks on the phone system and use that to elevate his network privileges.
Here are some ideas on upcoming topics of interest:
- Confidentiality issues which have to do with SIP. This seems to be a very important topic simply because it is the most obvious security hole in most VoIP setups: i.e. sniffing and listening in on phone calls.
- Fingerprinting in SIPVicious - how it works. I’ll work on this once I feel that the system is more stable and can be published ;-)
- Storming SIP Security - an article in hakin9 magazine which should be out real soon. Includes information on various attacks on SIP devices and PBX servers. We also included suggestions on how to mitigate the problems and tips on how to detect attacks with Snort and OSSEC.