Skip to main content

Tags security tools

How to turn a Grandstream SIP phone into a remote bug

Published on Aug 24, 2007 in ,

The “Institut National de Recherche en Informatique” has done it again. They released details of their research regarding the Grandstream GXV-3000 SIP phone - specially on a bug that allows one to crash the phone, and set it off the hook without ringing. This last exploit effectively turns such phones into a spying device, allowing crooks and other evil entities to discretely listen on conversations in a room where the phone is installed.…

Read more »

Updates to SIPVicious tools

Published on Aug 24, 2007 in , ,

In the past two days I’ve been busy working on updates for SIPVicious tools: Scanning a large number of hosts does not take long for to start anymore Fixed a few bugs / unhandled exceptions we’re doing 160 hosts per second now :) updated user documentation for svmap added some switches to svmap: Verbose. The mode you add of these, the more debug information you get. -vvv for ub3r super debug info.…

Read more »

SIPVicious tools for auditing SIP devices

Published on Jul 29, 2007 in , ,

SIPVicious tools version 0.1 have been uploaded on googlecode. These tools allow you to launch brute force password guessing attacks on PaBXs, identify SIP devices, softphones and hardphones on the network and guess live extensions on a PaBX. Any feedback is welcome, tho some feedback is more welcome than other feedback ;-) Download the latest (and earliest) version here.…

Read more »

Subscribe

Receive high-quality, low-volume RTC security research, news and occasional updates about what we're up to.

Interested in working with us? Get in touch

We hate spam and hard-selling and are committed to protecting and respecting your privacy. You can unsubscribe from these communications at any time. By subscribing, you are agreeing to the Terms and Conditions. this site uses reCAPTCHA, the Google Privacy Policy and Terms of Service apply.