Late March updates

It's about time that we look at SIPVicious again. If you're making use of the SVN version, please update to the latest svn commit which includes some fixes for bugs that were creating unnecessary traffic.

I'm currently planning on a major update of SIPVicious - email me with your suggestions and VoIP needs please ;-) Cleaner and extensible code guaranteed.

VOIPPACK gets to target IP Phones this month, with 2 major new modules that highlight what can be done to both hardphones and softphones: Ghostcall and "SIP Digest Leak".

Ghostcall might remind some people of the movie "The Omega Man" where all phones ring at the same time. Of course, the phones in the movie are most probably not VoIP phones but could very well be.

Then there's "SIP Digest Leak" that highlights a vulnerability that affects many IP Phones. This tool allows penetration testers and other security dudes to force IP Phones to reveal the digest credentials and possibly recover the password used to access a PBX or a VoIP provider.

More information about these tools was posted the EnableSecurity blog. Actual demonstration videos on the Vimeo account. And here's a clip from "The Omega Man" showing a 70's version of Ghostcall:

Whats brewing on the SIPVicious front

Been quite for a while, but that does not mean that I've been resting. Instead I've been looking into fingerprinting SIP devices and not relying on the User-agent header to identify the a SIP network element's name.

This means that SIPVicious tools will soon be able to guess the name of the device. What's important is that the tools will be able to maintain do this without sacrificing speed and efficiency. Expect more news on this.

Other than that, I'm looking at how to integrate the dns stuff with svmap - things like the SRV records and ENUM.

And.. last but not least.. I've been working on an article for Hakin9 magazine which explains a lot of behind the scenes when it comes to how SIPVicious tool suite works.