[Voptalk] SiVuS Authentication Analysis - Realtime Analysis

Raul Siles raul.siles at gmail.com
Thu Jul 19 18:35:47 EDT 2007


Hi everybody,
I'm running some lab tests using X-Lite softphones, Asterisk and SiVuS
1.09. In particular, I'm using the Realtime Analysis module to perform
a password guessing attack.

I've selected the following SIP request-line:
REGISTER UDP 2003 at domain:5060

After selecting the usernames and passwords files (both are text files
containing one word for the usernames file (the target username,
"2003"), and multiple single-word lines for the passwords file), and
clicking on Start, I've checked that only one REGISTER message is
sent.

Taking network traces I've verified that this message does not
include the "Authorization:" field (un-authenticated). The VoIP
server responds with a 401 message and a challenge (nonce) asking for
authentication, but the tool never replies back with the response to
the challenge.

It also seems, based on the tool output, that only the first word from
the passwords file is tried.

Should the Realtime Analysis module work? Is there something obvious
I'm doing wrong?

Thanks,
Raul Siles
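
A check for the behaviour described in the post, as an added example that is not part of the original message or of SiVuS: it walks a captured SIP exchange and reports every 401 challenge that no later REGISTER answered with an "Authorization:" header carrying the same nonce. The trace, host names, Call-ID, nonce and response value are constructed sample values.

```python
import re

# Constructed sample trace: an unauthenticated REGISTER, the server's 401
# challenge, and no follow-up request (the behaviour reported in the post).
TRACE_UNANSWERED = [
    "REGISTER sip:pbx.example SIP/2.0\r\n"
    "Call-ID: abc1@client.example\r\nCSeq: 1 REGISTER\r\n\r\n",
    "SIP/2.0 401 Unauthorized\r\n"
    "Call-ID: abc1@client.example\r\nCSeq: 1 REGISTER\r\n"
    'WWW-Authenticate: Digest realm="asterisk", nonce="4f1c2a9b"\r\n\r\n',
]

# Constructed sample: the same exchange, with the client answering the challenge.
TRACE_ANSWERED = TRACE_UNANSWERED + [
    "REGISTER sip:pbx.example SIP/2.0\r\n"
    "Call-ID: abc1@client.example\r\nCSeq: 2 REGISTER\r\n"
    'Authorization: Digest username="2003", realm="asterisk", '
    'nonce="4f1c2a9b", uri="sip:pbx.example", '
    'response="00000000000000000000000000000000"\r\n\r\n',
]

# \b keeps the pattern from matching inside cnonce="..."
NONCE_RE = re.compile(r'\bnonce="([^"]*)"')


def parse(msg):
    """Split a SIP message into its start line and a lower-cased header map."""
    head = msg.partition("\r\n\r\n")[0]
    lines = head.split("\r\n")
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return lines[0], headers


def unanswered_challenges(trace):
    """Return (call_id, nonce) for each 401 challenge no REGISTER answered."""
    pending = {}
    for msg in trace:
        start, h = parse(msg)
        if start.startswith("SIP/2.0 401"):
            m = NONCE_RE.search(h.get("www-authenticate", ""))
            if m:
                pending[(h.get("call-id"), m.group(1))] = True
        elif start.startswith("REGISTER "):
            m = NONCE_RE.search(h.get("authorization", ""))
            if m:
                pending.pop((h.get("call-id"), m.group(1)), None)
    return list(pending)
```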

