Condorlab

Common VOIP Attack tools


 

 

 

 

The following are some of the tools used by cybercriminals to carry out multiple attacks against infrastructures where different VoIP services are being implemented, generating denials of service, telephone fraud or interception of calls. Here is a sample list (the compete list of hundreds of tools can be found in the RSN UCTM product line)

 

SIPvicious

 

 

SIPVicious suite is a set of tools that can be used to audit SIP based VoIP systems. It currently consists of four tools:. svmap – this is a sip scanner. Lists SIP devices found on an IP range svwar – identifies active extensions on a PBX svcrack – an online password cracker for SIP PBX svreport – manages sessions and exports reports to various formats svcrash – attempts to stop unauthorized svwar and svcrack scans.

 

 

More information about the tool in the following link: SIPvicious


Sipbrute

 

 

A utility to perform dictionary attacks against the VoIP SIP Register hash (MD5)


Sipflanker

 

 

Will help you find these SIP devices with potentially vulnerable Web GUIs in your network. What the application does is search the range of IPs you specify, and checks if port 5060 is available. Whether open or close, port 5060 indicates the presence of a SIP device. Then it checks if port 80 (http) is open. The combination of an open port 80, together with port 5060, either open or closed, signals a SIP device with a Web GUI.

 

 

More information about the tool in the following link: sipflanker


Viproy Voip Pen-Test Kit

 

 

Provides penetration testing modules for VoIP networks. It’s developed for security testing of VoIP and Unified Communications services. Viproy has Skinny, SIP and MSRP libraries to develop custom security tests, as well as PoC security testing modules. The modules below can be used to test SIP design and authorisation flaws, Skinny service issues, cloud VoIP design issues and client software vulnerabilities.

 

 

More information about the tool in the following link: Viproy


SiVus

 

 

SiVus is the first publicly available vulnerability scanner for VoIP networks that use the SIP protocol. It provides powerful features to assess the security and robustness of VoIP implementations.

 

 

More information about the tool in the following link: SiVus


sipsak

 

 

Sipsak is a command line tool which can send simple requests to a SIP server. It can run additional tests on a SIP server which are usefull for admins and developers of SIP enviroments.

 

More information about the tool in the following link: Sipsak


vsaudit

 

 

The vsaudit is an opensource framework to perform attacks to general voip services.  It allows to scan the whole network or single host engaging in the information gathering  phase, besides it is able to search for most known vulnerabilities on the found alive hosts and then try to exploit them.

 

More information about the tool in the following link: vsaudit