Yup, i know this might been posted before. Still i managed to setup a PBX in linux box and hijack the session. Well, if you ask me, VoIP with TLS encryption is good, but there will be latency and expect to experience slowness when talking to your peer. With this experiment, all you need is siVus from http://www.vopsecurity.org/ x-lite softphone from http://www.xten.com/ and SER from http://www.iptel.org/ser/
You can read more about VoIP from the siVus website, under the papers section.
SCENARIO:
The above pic dictates this scenario.
Registrar: 192.168.1.138
ong: 192.168.1.45 (attacker)
ronald: 192.168.1.20
test: 192.168.1.55
Use sivus message generator to generate a REGISTER request for ronald(182.168.1.20) to the Registar.
In the Register request, the From and To headers must use the same user information.
The fields in Sivus to note for
Method: REGISTER
Domain/Host: 192.168.1.138 Port:5060
To: root
From: root
Branch: To find out which branch, launch the softphone and use Wireshark to sniff UDP packets to find out the branch number.
Contact:
To find out the port number of the softphone used, use a tool like tcpview to see the port number.
Click start
Hijacking a connection from ronald.
Scenario: Under normal circumstances, test(Caller) will call ronald(callee). Ong(Attacker) will then send a register request for ronald using the above fields to hijack the connection for ronald, ultimately ong will be the one speaking to test. Mission accomplished.
Kamis, 15 Maret 2007
Hacking and Hijacking VoIP
03.10
No comments
Langganan:
Posting Komentar (Atom)
0 komentar:
Posting Komentar