Skip to main content

Tags security tools

Sandro Gauci

Sandro Gauci, Enable Security

Asterisk forensics: the logs vs the attackers

Published on Jan 2, 2012 in , , ,

Recently I had the opportunity to present on VoIP insecurity around various conferences this year, on my own and also with Joffrey Czarny. At Secure 2011 we had one day a workshop and one of the things we showed was the effect of a typical SIPVicious attack on an Asterisk box. The following videos (best seen in full screen and high quality) illustrate what happens. When we run svmap.py, nothing usually shows up on the asterisk logs.…

Read more »
Sandro Gauci

Sandro Gauci, Enable Security

VOIPPACK updated to v1.4

Published on Jan 25, 2011 in , ,

Quick note, VOIPPACK now includes support for Cisco Call Manager and more tools to break that Asterisk PBX (FreePBX / Trixbox focus). The blog post on EnableSecurity includes more details.…

Read more »
Sandro Gauci

Sandro Gauci, Enable Security

Distributed SIP scanning during Halloween weekend

Published on Nov 4, 2010 in , ,

Over last weekend there were a number of reports of VoIP (especially Asterisk) servers that were “under heavy attack”. I have looked at some packet traces and noticed how the SIP messages look very similar to the ones generated by SIPVicious especially svwar.py. In fact, I think this is a modified version of SIPVicious that is being distributed on a botnet. Take a look at the following message generated by these new scans:…

Read more »
Sandro Gauci

Sandro Gauci, Enable Security

New beta of VIPER VAST released 2.76

Published on Jul 21, 2010 in ,

And that includes all the latest goodness, including SIPVicious. This is a great tool for those needing an up to date VoIP hackin.. er penetration testing distro :-) Download it from here.…

Read more »
Sandro Gauci

Sandro Gauci, Enable Security

How to crash SIPVicious - introducing svcrash.py

Published on Jun 22, 2010 in , ,

A new tool has been added to SIPVicious - svcrash.py. As the name implies, it crashes something - svwar.py and svcrack.py. This tool is meant to be used by system administrators and organizations that are receiving unauthorized scans on their exposed IP PBX. Quick links: Download the latest version :: Watch a short demo of svcrash.py Since this is a little different from the usual, I’ll provide a bit of background first.…

Read more »
Sandro Gauci

Sandro Gauci, Enable Security

New tool in the works: TFTPTheft

Published on May 28, 2010 in ,

Most sysadmins just love the idea of switching on a box that just works automatically. In the case of IP phones that is typically possible by setting up the right DHCP config and a TFTP server hosting firmware and configuration. My introduction to TFTP The TFTP protocol typically runs over port 69, and the above image shows a rather insecure doll. The TFTP protocol is rather simple and lightweight: Runs on top of UDP Does not support authentication Only supports pulling and pushing (GET and PUT) of files (no directory listing) New tools?…

Read more »
Sandro Gauci

Sandro Gauci, Enable Security

SIPVicious 0.2.5 out

Published on May 19, 2010 in , ,

Latest SIPVicious. It has been a while since I released an update to SIPVicious. It is mostly a bug-fix and “play nice” update. Download it from here. Changelog: v0.2.5 (20100519) Feature: svwar.py has “scan for default / typical extensions” option. This option tries to guess numeric extensions which have certain patterns such as 1212 etc. Option is -D, –enabledefaults General: svwar.py and svcrack.py now have a new option which allows you to see how long the tools will scan without receiving any response back.…

Read more »
Sandro Gauci

Sandro Gauci, Enable Security

VIPER VAST includes SIPVicious

Published on Oct 5, 2009 in ,

A quick post to refer to the live bootable CD from Viperlabs called VIPER VAST. It’s a Linux distribution that includes a good number of tools that can help in a VoIP security assessment. I think I’ll be giving this a try next time around. What makes this useful is if you want to quickly have a machine with all the right libraries, drivers and packages installed to be able to run tools such as UCsniff.…

Read more »
Sandro Gauci

Sandro Gauci, Enable Security

SEC-T in Sweden and SIPVicious update in svn

Published on Sep 7, 2009 in , ,

Its been a while since I updated SIPVicious, mostly because I have been working on SIPVicious 2.0 (being used in VOIPSCANNER.com). However I decided to add a few new options for svmap and svreport to help me with the research for this new presentation I’ll be giving on Friday at SEC-T in Stockholm, Sweden. The presentation is called “Searching for phones on the Internet” and subtitled “Adventures with SIPVicious”. Will be posting more details on the presentation later on, but lets describe the new features in svmap.…

Read more »
Sandro Gauci

Sandro Gauci, Enable Security

Scan your public facing PBX with VOIPSCANNER.com

Published on Jul 17, 2009 in , ,

Announcing VOIPSCANNER.com, the SaaS Voice over IP Security scanner. If you’re already familiar with SIPVicious, then you can guess what this tool does. This online tool makes it easier than ever to check if the Asterisk box you just installed, or most other SIP PBX servers, is misconfigured and contains weak credentials. Attackers on the ’net are already doing this for their own benefit, don’t wait until they hit your PBX!…

Read more »