Tags › security tools
introduction to svmap
Published on Nov 20, 2007 in sip security, sipvicious oss, security tools
Svmap is a network scanner for SIP. Similar to nmap - it will scan for devices on ports specified by passing the right command line options. Once svmap finds a device that supports SIP, it will extract information from the response and identify the type of device. Anyone running this tool will typically end up with a list of IP addresses of SIP devices and the names for those devices.…
Read more »SIPVicious version 0.2.1 released
Published on Nov 7, 2007 in sipvicious oss, sip security, security tools
Go get it from the usual place. This is mostly a bug fix release but we still managed to squeeze in some minor features: Session state is now saved svmap supports sending INVITE to particular extensions If you’re on a system with subversion installed, you can simply run “svn update” to receive the latest version. Check out the Changelog to see what changed.…
Read more »SIPVicious 0.2.1 public beta
Published on Nov 3, 2007 in sipvicious oss, security tools
Just wanted to let you know that v0.2.1 is public beta (meaning that it will be released soon). Go for it (and submit a bug report if you get any bad feelings) ;-) Changelog: v0.2.1 (maintenance) General: Feature: updated the report function to include more information about the system. Python version and operating system is now included in the bug report. option now supports optional feedback. Feature: Store information about the state of a session.…
Read more »More on INVITEing phones to ring
Published on Oct 30, 2007 in sip security, sipvicious oss, security tools
This is a follow up on a previous post. Apart from using a softphone, you can make use of svmap.py (part of SIPVicious tool suite) to reproduce the behavior: ./svmap.py -m INVITE 192.168.1.4 -p5061 Where 192.168.1.4 is the IP of the SIP phone and 5061 is the SIP port of the phone. For a ghost call effect, if you have a network with all SIP phones listening on port 5060, you can just run the following to get them to ring at the same time:…
Read more »Wiki updates
Published on Oct 18, 2007 in sipvicious oss, sip security, security tools
We’ve updated some pages on the wiki: Usage of svmap and svwar with examples on how to use each option Mentions of sipvicious on various media are now being cataloged A Getting Started document - a step by step how to for newbies and the rest of us ;) The FAQ page has been updated to include a disclaimer like answer to the question: “Why did you publish tools that can be used for illegal purposes?…
Read more »Bluebox podcast mentions SIPVicious
Published on Oct 13, 2007 in sipvicious oss, sip security, security tools
Listen to the podcast.…
Read more »SIPVicious 0.2 released
Published on Oct 8, 2007 in sipvicious oss, sip security, security tools
After much bug fixing and feature creeping … we announce SIPVicious tool suite 0.2! Tarball download Zip file download Notable features include: Session support which allows you to resume previous scans as well as store the results in database format Exporting of previous results to various formats: pdf, xml (html), csv and plain text Easy updating by making use of subversion (svn update) Better UI, more intuitive help, clean output and more debug info when needed And my favorite feature: random scanning techniques I also uploaded a screencast and tutorial on how to use SIPVicious tools to crack an extension on an Asterisk box here.…
Read more »SIPVicious tools 0.1.9 .. aka 0.2 beta
Published on Oct 3, 2007 in security tools, sipvicious oss
Download Now and give feedback. If you have svn installed, you can keep updated by running “svn update” in the sipvicious directory. To view the changes, the command is “svn diff”. A list of new features: Session / database support allowing you to resume a scan as well as to store scans which can later be exported A new script called svreport. Allows you to resolve ip addresses of previous scans, export previous scans to different file formats: pdf, xml (supporting html output via xlst), csv and plain text.…
Read more »SIPVicious tools in the works
Published on Sep 11, 2007 in sipvicious oss, sip security, security tools
Been working on more features with regards to svmap. Some of these features find themselves in svwar and svcrack as well in the next release version. So what features of interest? Svmap is now session based. This allows us to have the following features: You may stop a current scan, go have a coffee and resume it later. If the power cuts, a natural disaster occurs or anything bad happens, you can resume your scan later because of the autosave feature, provided you survived the accident.…
Read more »Security Analysis of Voice-over-IP Protocols
Published on Sep 7, 2007 in voip security, security tools
This paper talks about the state of security or lack of of the VoIP protocols. It talks a lot about encryption and introduces some attacks in that area. Of interest: replay attack on SDES key exchange causing SRTP to use the same keystream in multiple sessions. This means that the attacker removes encryption from SRTP-protected data streams. An attack on ZRTP involving unauthenticated uesr IDs. This allows bypassing / disabling of authentication or a DoS attack.…
Read more »