SIPVicious

Latest articles

Fuzzing PJSIP and chan_skinny, vulnerability information and advisories

In the recent past, Alfred Farrugia and myself started looking at fuzzing OpenSource VoIP projects such as Asterisk, FreeSWITCH and Kamailio and their dependencies. Our internal Enable Security project was given the unimaginative name of rtcfuzz and, by now, we are making use of a combination of public tools like American Fuzzy Lop and Radamsa, together...

New Mascot and Tshirts!! and .. Kamailio World 2016 - 9 Years Of Friendly Scanning And Vicious SIP

On the presentationLast week I had the pleasure of presenting something new at Kamailio World 2016. Great community and excellent feedback!The presentation went through the following:How and why SIPVicious was originally written and publishedThose strange emails and phone calls asking for special version ;-)RIPE's 1.1.1.0/24 experiment and how it was...

Time flies! A summary of updates for the past few years and Kamailio World!

I just realised that I have not updated this blog since ages even if we have done some really cool stuff with SIP during that time. Unfortunately, many of the specifics are (to a certain extent) behind non-disclosure agreements.However, here is a list of stuff that happened that has to do with SIPVicious (or not):There was a release back in 20121210, v0.2.8Like...

If SIPVicious gives you a ring...

Note: SIPVicious version 0.28 is out, go get it. I like to keep an eye on the social media and Google alerts for SIPVicious and in the last few months I noticed a rise in mentions of the tools. Specifically, a number of Korean twitter users (who have their service with KT, a VoIP service provider) complaining about receiving a call from a caller-id...

SIPVicious 0.2.7 released and rewrite coming up, looking for testers!

Get it now! This is the last release in the 0.2 series which fixes a number of stability issues and bugs before moving on to a total rewrite. Are you a SIPVicious user? Get in contact if you have a VoIP lab or simply want to test the rewrite of SIPVicious. The internal version already includes support for TCP, TLS and IPv6 ;-)The changelog for this...

Asterisk forensics: the logs vs the attackers

Recently I had the opportunity to present on VoIP insecurity around various conferences this year, on my own and also with Joffrey Czarny. At Secure 2011 we had one day a workshop and one of the things we showed was the effect of a typical SIPVicious attack on an Asterisk box. The following videos (best seen in full screen and high quality) illustrate...

VOIPPACK updated to v1.4

Quick note, VOIPPACK now includes support for Cisco Call Manager and more tools to break that Asterisk PBX (FreePBX / Trixbox focus). The blog post on EnableSecurity includes more details.

11 million Euro loss in VoIP fraud .. and my VoIP logs

And the attackers made over 1 million in profits. This just emerged from a raid (and hearing apparently) in Romania and other countries. The two main persons being fingered are Catalin Zlate and Cristian Ciuvat. It seems that they were scanning for PBX servers with phone extensions that have weak passwords. Then they abused these accounts to make phone...

Distributed SIP scanning during Halloween weekend

Over last weekend there were a number of reports of VoIP (especially Asterisk) servers that were "under heavy attack". I have looked at some packet traces and noticed how the SIP messages look very similar to the ones generated by SIPVicious especially svwar.py. In fact, I think this is a modified version of SIPVicious that is being distributed on a...

AstriCon roundup and vendors adding security features

So I've finally been to AstriCon and I noticed a great increased interest amongst the attendees with regards to security, fraud and "hacking". The slides for my presentation titled "Just how vulnerable is your phone system" can be downloaded from this location.So what are the changes and additions from the software developer's side?Asterisk 1.8 has...

Discover, share and read the best on the web

Subscribe to RSS Feeds, Blogs, Podcasts, Twitter searches, Facebook pages, even Email Newsletters! Get unfiltered news feeds or filter them to your liking.

Get Inoreader
Inoreader - Subscribe to RSS Feeds, Blogs, Podcasts, Twitter searches, Facebook pages, even Email Newsletters!