VoIP hacking workshop

From Tmplab

(Difference between revisions)
Jump to: navigation, search
(New page: * Date: Thursday 20th of May 2010)
Line 1: Line 1:
-
* Date: Thursday 20th of May 2010
+
{{Workshop
 +
|title=VoIP hacking workshop
 +
|when=Thursday 20th of May 2010
 +
|where=/tmp/lab
 +
|intro=Easy way to pentest VoIP infrastructure.
 +
 
 +
Overview:
 +
 
 +
* Identification of the VoIP Product
 +
* VLAN hopping, accessing the voice VLAN from the data VLAN
 +
* VoIP accounts enumeration
 +
* Communication wiretapping and injection of sound during a call
 +
* Spoofing of phone profiles and identity spoofing
 +
* UNISTM attack on Cisco IP phones
 +
* Bypass of call restrictions and voice gateway abuse
 +
* Grab of SIP or IAX credentials
 +
* Denial of Service on VoIP servers and IP phones
 +
 
 +
Prerequisites:
 +
 
 +
* Python >= 2.5
 +
* An editor > vi
 +
* Scapy
 +
* Wireshark (optional)
 +
 
 +
 
 +
|by=[[User:Sn0rkY|Sn0rkY]]
 +
}}

Revision as of 11:04, 17 May 2010

  • Titre: VoIP hacking workshop
  • Par: Sn0rkY
  • Date: Thursday 20th of May 2010
  • Lieu: /tmp/lab

Easy way to pentest VoIP infrastructure.

Overview:

  * Identification of the VoIP Product
  * VLAN hopping, accessing the voice VLAN from the data VLAN
  * VoIP accounts enumeration
  * Communication wiretapping and injection of sound during a call
  * Spoofing of phone profiles and identity spoofing
  * UNISTM attack on Cisco IP phones
  * Bypass of call restrictions and voice gateway abuse
  * Grab of SIP or IAX credentials
  * Denial of Service on VoIP servers and IP phones

Prerequisites:

 * Python >= 2.5
 * An editor > vi
 * Scapy
 * Wireshark (optional)
Personal tools