sipvicious: audit SIP based VoIP systems

SIPVicious security tools

The 5 tools that you should be looking at are:

  • svmap – this is a sip scanner. When launched against ranges of ip address space, it will identify any SIP servers which it finds on the way. Also has the option to scan hosts on ranges of ports.Svmap is a free and Open Source scanner to identify sip devices and PBX servers on a target network. It can also be helpful for systems administrators when used as a network inventory tool. Svmap was designed to be faster than the competition by specifically targeting SIP over UDP.Svmap can:
    • identify SIP devices and PBX servers on default and non-default ports
    • scan large ranges of networks
    • scan just one host on different ports, looking for a SIP service on that host or just multiple hosts on multiple ports
    • take previous scan results as input, allowing you to only scan known hosts running SIP
    • use different scanning methods (make use of REGISTER instead of OPTIONS request)
    • get all the phones on a network to ring at the same time (using INVITE as method)
    • randomly scan internet ranges
    • resume previous scans
  • svwar – identifies working extension lines on a PBX. A working extension is one that can be registered.  Also tells you if the extension line requires authentication or not.
    Svwar is a free SIP PBX extension line scanner. In concept, it works similar to traditional wardialers by guessing a range of extensions or a given list of extensions.Svwar can:

    • identify extensions on PBXs and through SIP proxies
    • Scan for large ranges of numeric extensions
    • Scan for extensions using a file containing a list of possible extension names
    • Use different SIP request methods for scanning since not all PBX servers behave the same
    • resume previous scans
  • svcrack – a password cracker making use of digest authentication.  It is able to crack passwords on both registrar servers and proxy servers. Current cracking modes are either numeric ranges or words from dictionary files.
  • svreport – able to manage sessions created by the rest of the tools and export to pdf, xml, csv and plain text.
  • svcrash – responds to svwar and svcrack SIP messages with a message that causes old versions to crash.

Install && Tutorial

Author: Sandro Gauci