Skip to main content
Sandro Gauci

Sandro Gauci, Enable Security

BruCON Training: Module 4, Attacking Unified Communications

Published on Sep 7, 2010 in , ,

The final module in the upcoming pentesting VoIP crashcourse is the most exciting one. In this section we look at VoIP systems as a whole. Unified communications is one of those words that have been hyped up to include everything, from chat to video phone calls and SMS. What we will look at in this section is how to go about breaking into the following during a penetration test:

  1. Web application security flaws in Asterisk-based PBX servers
  2. Attacking various services open in PBX servers, such as TFTP
  3. How once you’re on a PBX network, you can sometimes simply use your phone to spy on other phone calls
  4. How to make use of hardware taps 
  5. Hardware phone features that can be abused
  6. Abuse of various exposed features in Cisco call manager accessible on the HTTP server

This module will help familiarize the attendees with the target servers and system. Who knows, it may even give a kick-start to find some new 0-days in one of these Unified Communications solutions ;-)


Sandro Gauci

Sandro Gauci

CEO, Chief Mischief Officer at Enable Security

Sandro Gauci leads the operations and research at Enable Security. He is the original developer of SIPVicious OSS, the SIP security testing toolset. His role is to focus on the vision of the company, design offensive security tools and engage in security research and testing. Therefore, he is the proud owner of the title of Chief Mischief Officer at Enable Security.

He offers public office hours and is reachable here.