SIPVicious v0.2.7 Released
SIPVicious is a tools for auditing SIP based VoIP systems.
SIPVicious suite is a set of tools that can be used to audit SIP based VoIP systems. It currently consists of four tools:
- svmap – this is a sip scanner. Lists SIP devices found on an IP range
- svwar – identifies active extensions on a PBX
- svcrack – an online password cracker for SIP PBX
- svreport – manages sessions and exports reports to various formats
- svcrash – attempts to stop unauthorized svwar and svcrack scans
Changelog v0.2.7
- Feature: svcrash.py has a new option -b which bruteforces the attacker’s port
- Feature: svcrack.py now tries the extension as password by default, automatically
- Feature: svcrack.py and svwar.py now support setting of source port
- Feature: new parameter –domain can be passed to all tools which specifies a custom domain in the SIP uri instead of the destination IP
- Feature: new –debug switch which shows the messages recieved
- Bug fix: Sometimes nonces could not be extracted due to an incorrect regex
- Bug fix: Fixed an unhandled exception when decoding tags
- Bug fix: now using hashlib when available instead of md5
- Bug fix: removed the space after the SIP address in the From header which led to newer version of Asterisk to ignore the SIP messages
- Bug fix: dictionaries with new lines made svcrack.py stop without this fix
- Change: renamed everything to start with sv
- Bug fix: changed the way shelved files are opened by the fingerprinting module
- Change: fingerprinting disabled by default since it was giving too many problems and very little benefits
More Information: here
Download SIPVicious v0.2.7