Difference between revisions of "VoIP hacking workshop"
From Tmplab
(New page: * Date: Thursday 20th of May 2010) |
|||
| Line 1: | Line 1: | ||
| − | + | {{Workshop | |
| + | |title=VoIP hacking workshop | ||
| + | |when=Thursday 20th of May 2010 | ||
| + | |where=/tmp/lab | ||
| + | |intro=Easy way to pentest VoIP infrastructure. | ||
| + | |||
| + | Overview: | ||
| + | |||
| + | * Identification of the VoIP Product | ||
| + | * VLAN hopping, accessing the voice VLAN from the data VLAN | ||
| + | * VoIP accounts enumeration | ||
| + | * Communication wiretapping and injection of sound during a call | ||
| + | * Spoofing of phone profiles and identity spoofing | ||
| + | * UNISTM attack on Cisco IP phones | ||
| + | * Bypass of call restrictions and voice gateway abuse | ||
| + | * Grab of SIP or IAX credentials | ||
| + | * Denial of Service on VoIP servers and IP phones | ||
| + | |||
| + | Prerequisites: | ||
| + | |||
| + | * Python >= 2.5 | ||
| + | * An editor > vi | ||
| + | * Scapy | ||
| + | * Wireshark (optional) | ||
| + | |||
| + | |||
| + | |by=[[User:Sn0rkY|Sn0rkY]] | ||
| + | }} | ||
Revision as of 12:04, 17 May 2010
- Titre: VoIP hacking workshop
- Par: Sn0rkY
- Date: Thursday 20th of May 2010
- Lieu: /tmp/lab
Easy way to pentest VoIP infrastructure.
Overview:
* Identification of the VoIP Product * VLAN hopping, accessing the voice VLAN from the data VLAN * VoIP accounts enumeration * Communication wiretapping and injection of sound during a call * Spoofing of phone profiles and identity spoofing * UNISTM attack on Cisco IP phones * Bypass of call restrictions and voice gateway abuse * Grab of SIP or IAX credentials * Denial of Service on VoIP servers and IP phones
Prerequisites:
* Python >= 2.5 * An editor > vi * Scapy * Wireshark (optional)
