Tags › security tools
How to turn a Grandstream SIP phone into a remote bug
Published on Aug 24, 2007 in sip security, security tools
The “Institut National de Recherche en Informatique” has done it again. They released details of their research regarding the Grandstream GXV-3000 SIP phone - specially on a bug that allows one to crash the phone, and set it off the hook without ringing. This last exploit effectively turns such phones into a spying device, allowing crooks and other evil entities to discretely listen on conversations in a room where the phone is installed.…
Read more »Updates to SIPVicious tools
Published on Aug 24, 2007 in sipvicious oss, security tools, sip security
In the past two days I’ve been busy working on updates for SIPVicious tools: Scanning a large number of hosts does not take long for to start anymore Fixed a few bugs / unhandled exceptions we’re doing 160 hosts per second now :) updated user documentation for svmap added some switches to svmap: Verbose. The mode you add of these, the more debug information you get. -vvv for ub3r super debug info.…
Read more »SIPVicious tools for auditing SIP devices
Published on Jul 29, 2007 in sipvicious oss, security tools, sip security
SIPVicious tools version 0.1 have been uploaded on googlecode. These tools allow you to launch brute force password guessing attacks on PaBXs, identify SIP devices, softphones and hardphones on the network and guess live extensions on a PaBX. Any feedback is welcome, tho some feedback is more welcome than other feedback ;-) Download the latest (and earliest) version here.…
Read more »