Friday, June 22, 2012

SIP Security 1: Scanning VoIP/PBX Servers


To find a device or machine that provides VoIP service, scan ports 5060 and 5061 on both UDP and TCP. By default, VoIP devices listen on UDP port 5060.

We can use tools like SIPVicious svmap.py or SIPSCAN (Windows only).
svmap.py is a CLI (Command Line Interface) tool, whereas SIPSCAN is a GUI (Graphical User Interface) tool. SIPSCAN is a username enumerator rather than a scanner.


Both tools support the OPTIONS, INVITE and REGISTER methods to find a User Agent Server (UAS). svmap.py, however, can send any SIP method; in fact, we can pass an invalid argument to detect the VoIP server.


By default, SIPSCAN tries the following extensions/usernames:
thisisthecanary, test, echo, admin, dave, 101 to 110 excluding 109, 201 to 210 excluding 209, 401 to 410 excluding 409, and 501 to 510 excluding 509.
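
A defender's view of the two behaviours described above (the default SIPSCAN username list and svmap.py's invalid-method probing), as an added example that is not part of the original post or of either tool: it flags source addresses in captured SIP requests whose To usernames match that list or whose method is not a known one. The function names, reason labels, threshold and sample traffic are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Usernames SIPSCAN tries by default, as listed in the post.
SIPSCAN_DEFAULTS = {"thisisthecanary", "test", "echo", "admin", "dave"} | {
    str(b + i) for b in (100, 200, 400, 500) for i in range(1, 11) if i != 9}
# RFC 3261 methods plus common extensions; anything else is treated as a probe.
KNOWN_METHODS = {"INVITE", "ACK", "BYE", "CANCEL", "OPTIONS", "REGISTER", "PRACK",
                 "SUBSCRIBE", "NOTIFY", "PUBLISH", "INFO", "REFER", "MESSAGE", "UPDATE"}
REQUEST_LINE = re.compile(r"^(\S+) sips?:\S+ SIP/2\.0$")
TO_USER = re.compile(r"^(?:To|t)\s*:[^\r\n]*?sips?:([^@\s>;]+)@", re.I | re.M)


def parse_request(raw):
    """Return (METHOD, to_user_or_None) for a SIP request; None for anything else."""
    m = REQUEST_LINE.match(raw.split("\n", 1)[0].strip())
    if not m:
        return None
    to = TO_USER.search(raw)
    return m.group(1).upper(), (to.group(1).lower() if to else None)


def flag_sources(events, sweep_threshold=3):
    """events: iterable of (source_ip, raw_message). Returns {ip: sorted reasons}."""
    users, reasons = defaultdict(set), defaultdict(set)
    for src, raw in events:
        parsed = parse_request(raw)
        if parsed is None:
            continue
        method, user = parsed
        if method not in KNOWN_METHODS:
            reasons[src].add("unknown-method")
        if user in SIPSCAN_DEFAULTS:
            users[src].add(user)
    for src, seen in users.items():
        if "thisisthecanary" in seen:
            reasons[src].add("canary-username")
        if len(seen) >= sweep_threshold:
            reasons[src].add("default-username-sweep")
    return {src: sorted(r) for src, r in reasons.items()}


SAMPLE = [  # Constructed traffic (documentation addresses, example.com), not a capture.
    ("192.0.2.10", "OPTIONS sip:example.com SIP/2.0\r\nTo: <sip:thisisthecanary@example.com>\r\n\r\n"),
    ("192.0.2.10", "REGISTER sip:example.com SIP/2.0\r\nTo: <sip:test@example.com>\r\n\r\n"),
    ("192.0.2.10", "REGISTER sip:example.com SIP/2.0\r\nTo: <sip:101@example.com>\r\n\r\n"),
    ("192.0.2.20", "FOOBAR sip:example.com SIP/2.0\r\nTo: <sip:example.com>\r\n\r\n"),
    ("192.0.2.30", "REGISTER sip:example.com SIP/2.0\r\nTo: <sip:101@example.com>\r\n\r\n"),
]
```

Calling `flag_sources(SAMPLE)` reports 192.0.2.10 for the canary username and the default-username sweep and 192.0.2.20 for the unknown method, while 192.0.2.30, which registers a single listed extension, stays below the threshold.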




While scanning with SIPSCAN, leave "Target SIP Domain" at its default value of example.com, or enter the domain or IP of your SIP server. If you leave "Target SIP Domain" blank, it will not show any results but with



Happy weekend :-) !!!
