1 / 15

VOIP EXPLOITS USING KALI LINUX TOOLS

VOIP EXPLOITS USING KALI LINUX TOOLS. PROJECT BY: KARNATI VAMSI KRISHNA VANKANA SIVA SAKETH REDDY. CONTENTS. Project Title Tools Used SIPSAK Metasploit XPLICO Implementations Problems Faced References. PROJECT TITLE. “Pen testing and Exploits using KALI Linux Tools”. TOOL USED.

Download Presentation

VOIP EXPLOITS USING KALI LINUX TOOLS

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. VOIP EXPLOITS USING KALI LINUX TOOLS PROJECT BY: KARNATI VAMSI KRISHNA VANKANA SIVA SAKETH REDDY

  2. CONTENTS • Project Title • Tools Used • SIPSAK • Metasploit • XPLICO • Implementations • Problems Faced • References

  3. PROJECT TITLE “Pen testing and Exploits using KALI Linux Tools”

  4. TOOL USED • SIPSAK: • This tool can be used testing SIP devices & applications. • This can be done just by using OPTION req method. • In our project we used it to Fingerprint the SIP device.

  5. IMPLEMENTING SIPSAK WE USED THIS TOOL TO FINGERPRINT THE SIP DEVICES. COMAND: sipsak–vv –s sip:10.103.5.217

  6. TOOL USED • METASPLOIT: • Using the Modules & Auxiliaries available in Metasploit framework VoIP can be exploited. • This framework can be used for several attacks. • We can use it for enumerating SIP extensions. • We can use it for creating fake SIP invite request, which makes the target device ring.

  7. IMPLEMENTING METASPLOIT WE USED THIS TOOL TO ENUMERATE DEVICES AND TO FLOOD INVITE REQUESTS TO SIP DEVICES. COMMANDS: Use auxiliary/scanner/sip/options Use auxiliary/voip/sip-invite-spoof RESULTS: SIP Devices are enumerated SIP device receives several invite requests, which cause for multiple Rings.

  8. IMPLEMENTING XPLICO WE USED THIS TOOL TO CAPTURE SIP TRAFFIC COMMANDS:

  9. SIPCRACK TOOL • COMMAND: sipdump –p <pcapfile> auth.txt Dumps the authentication data from PCAP file into auth.txt Sipcrack –w <dictionary file> auth.txt Cracks the password of the Sip device

  10. TOOLS TRIED • SIPSAK • METASPLOIT • SIPCRACK • VOIPONG • VOMIT • XPLICO

  11. REFERENCES: • www.google.com • http://www.backtrack-linux.org/wiki/index.php/Pentesting_VOIP • http://www.enderunix.org/voipong/manual/book.html#INSTALLATION • http://zer0byte.com/2013/03/19/kali-linux-complete-tools-list-installation-screen-shots/ • http://www.offensive-security.com/metasploit-unleashed/Msfconsole_Commands#path

More Related