Click here to load reader
Upload
june-farmer
View
240
Download
1
Tags:
Embed Size (px)
Citation preview
Slide 1
PROJECT BY:KARNATI VAMSI KRISHNAVANKANA SIVA SAKETH REDDYVOIP EXPLOITS USING KALI LINUX TOOLS
1CONTENTSProject TitleTools UsedSIPSAKMetasploitXPLICOImplementationsProblems FacedReferencesPROJECT TITLEPen testing and Exploits using KALI Linux Tools
TOOL USEDSIPSAK:
This tool can be used testing SIP devices & applications.This can be done just by using OPTION req method.In our project we used it to Fingerprint the SIP device.IMPLEMENTING SIPSAK WE USED THIS TOOL TO FINGERPRINT THE SIP DEVICES.COMAND: sipsak vv s sip:10.103.5.217
TOOL USEDMETASPLOIT:Using the Modules & Auxiliaries available in Metasploit framework VoIP can be exploited. This framework can be used for several attacks.We can use it for enumerating SIP extensions.We can use it for creating fake SIP invite request, which makes the target device ring.
IMPLEMENTING METASPLOITWE USED THIS TOOL TO ENUMERATE DEVICES AND TO FLOOD INVITE REQUESTS TO SIP DEVICES.COMMANDS:Use auxiliary/scanner/sip/optionsUse auxiliary/voip/sip-invite-spoofRESULTS:SIP Devices are enumeratedSIP device receives several invite requests, which cause for multiple Rings.
IMPLEMENTING XPLICOWE USED THIS TOOL TO CAPTURE SIP TRAFFICCOMMANDS:
SIPCRACK TOOLCOMMAND: sipdump p auth.txtDumps the authentication data from PCAP file into auth.txt
Sipcrack w auth.txtCracks the password of the Sip device
TOOLS TRIEDSIPSAKMETASPLOITSIPCRACKVOIPONGVOMITXPLICO
REFERENCES:www.google.comhttp://www.backtrack-linux.org/wiki/index.php/Pentesting_VOIPhttp://www.enderunix.org/voipong/manual/book.html#INSTALLATIONhttp://zer0byte.com/2013/03/19/kali-linux-complete-tools-list-installation-screen-shots/http://www.offensive-security.com/metasploit-unleashed/Msfconsole_Commands#path