Aug 18, 2015

Viproy VoIP penetration testing kit 2.99.1 is released.

Viproy VoIP penetration testing kit 2.99.1 is released. This version requires ruby 2.1.5/2.1.6 and current Github version of the Metasploit Framework.

Download: https://github.com/fozavci/viproy-voipkit

Pre-installed version: https://github.com/fozavci/metasploit-framework-with-viproy

New features:

  • SIP message and MSRP supports with SIP INVITE
  • MSRP message tester, MSRP and SDP PoC fuzzers
  • PoC client exploits for Boghe VoIP client 
  • and bug fixes for the current version of the Metasploit Framework.

New modules and libraries released:

  • MSRP library for MSRP messaging
  • Boghe VoIP Client INVITE PoC Exploit 
  • Boghe VoIP Client MSRP PoC Exploit 
  • SIP Message with INVITE Support 
  • Sample SIP SDP Fuzzer 
  • MSRP Message Tester with SIP INVITE Support 
  • Sample MSRP Message Fuzzer with SIP INVITE Support 
  • Sample MSRP Message Header Fuzzer with SIP INVITE Support 
Gönderen zaman:
Etiketler: , , ,

Aug 13, 2015

The Art of VoIP Hacking - DEF CON 23 Workshop Materials

The Art of VoIP Hacking workshop has beed provided during the DEF CON 23 USA last week. We have discussed about the VoIP vulnerabilities, design issues and current treats targeting the VoIP environments. In addition, we have also demonstrated the major attack vectors for the VoIP services including the advanced SIP attacks, exploitation of the VoIP server vulnerabilities, Cisco Skinny attacks, attacking Cisco hosted VoIP services (CUCM/CUCDM), decryption of the SRTP traffic and exploitation of the VoIP client vulnerabilities. Over than 35 attendees have used the Viproy VoIP Penetration Testing Kit to attack to the test environment which has samples for each attack exercises. The following materials are provided for the DEF CON 23 workshop, but also for the VoIP community to improve unified communications security. 

Read more »
Gönderen zaman:
Etiketler: , , , , , , , , ,
Subscribe to: Posts (Atom)