WireBug: toolset for Voice-over-IP penetration testing

WireBug

WireBug

WireBug is a toolset for Voice-over-IP penetration testing. It is designed as a wizard which makes it easy to use. The tools are built for single using too, so every tool is its own python or bash program.

Tools

  • FullBridge: This is a simple bash script to set up a layer2 bridge with two defined interfaces.
  • BridgeTrap: This script is useful in a combination with the FullBridge tool. It will mirror the traffic of the bridge to a defined interface e.g. a raspberry pi with two interfaces for bridging and one as monitoring.
  • DoubleEncapsulation: This python program will craft a double encapsulated ICMP packet and send it to the destination – possible VLAN Hopping.
  • TimeShift: Tool for a response to an NTP request in a man-in-the-middle position (also with FullBridge) with a timestamp in the past or future. You can easily check if the client (VoIP Phone) checks the validity of the server certificate (SIPS, H.323s, HTTPS, LDAPS, etc.), or simply use it as a DOS Tool.
  • VlanEnum: This bash script creates 802.1Q virtual interfaces with VLAN tagging and waiting for possible DHCP responses. If it was possible to get an IP Address the interface will be staid alive otherwise it will be deleted.
  • SaCLaC: This includes two python programs. One for spoofing fake LLDP-MED packets to getting into VoIP VLAN or trigger a DoS by instructing the client to set a VLAN-Tag and one to analyze CDP Information of a PCAP File.
  • DecodeSRTP: This script makes it easy to use the Cisco Systems’ SRTP library for decrypting an SRTP-SDES Stream if the AES-Key was extracted from the signaling part.
  • SIPCraft: This tool is delivered with some basic SIP messages (REGISTER, OPTIONS, INVITE, BYE) but it is also for crafting your own SIP message by using the option “–individual”. With this option, it is possible to store your SIP content in a simple text file and then spoof it with the sip craft tool. The script supports TCP and UDP.
  • CrackTheSIP: A simple brute force tool for cracking SIP digest authentication by using a word list.
  • ZRTPDowngrade: A Tool to drop ZRTP initiated Packets in a man-in-the-middle position.
  • EvilSTUN: A simple tool for fake STUN responses.
  • SIPFuzz: A tool for SIP fuzzing.
  • SIPEnum: This tool enumerates SIP extensions by a given file.
  • SIPBrute: A tool for online brute force attacks against SIP proxies.
  • RTPFuzz: A tool for fuzzing and injecting random RTP packets (noise) into running streams.

Install

git clone https://github.com/SySS-Research/WireBug.git

cd WireBug

pip install -r requirements.txt

Use

python3 wirebug.py

Copyright (c) 2020 SySS Research

Source: https://github.com/SySS-Research/