Nmap Development mailing list archives

Re: [NSE] sip-extensions.nse


From: David Fifield <david () bamsoftware com>
Date: Wed, 4 Jul 2012 04:45:17 -0700

On Sat, Jun 30, 2012 at 11:14:41AM +0100, Hani Benhabiles wrote:
> On 06/29/2012 09:07 PM, Patrik Karlsson wrote:
> > There seems to be some overlap here with sip-enum-users?
> > Or am I missing something?
>
> Hi Patrik,
>
> SIP servers in the wild usually use either usernames or numbers as
> extensions. The latter seems to be more common as I came across it
> more often and given how many testing tools and suites (i.e.
> sipvicious, metasploit aux etc...) focus on scanning ranges of
> numbers (with things such as padding 0's) rather than on usernames
> from a dictionary list. I believe having two separate scripts that
> do simple and effective work depending on the situation is better
> than one bloated script with many options and requiring the user to
> supply many script-arguments.

I disagree with this thought. There should not be two scripts with two
implementations of what is basically the same function.

Both scripts should be the same script and should probably use the brute
library. A custom user name iterator can handle creating all the numeric
extensions. There are not many names in usernames.lst, so checking them
in addition to extensions will not be much more cost.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
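
The single-iterator approach suggested in the message above, sketched in plain Lua as an added example; it is not part of the original message and not Nmap's code. All function names and sample values are assumptions, and the step that hands the iterator to the brute library is not shown.

```lua
-- Added example: hypothetical helper names, constructed sample data.

-- Yield every numeric extension in [first, last], zero-padded to `width`
-- digits (7 becomes "0007" for width 4). A nil or zero width disables padding.
local function numeric_extensions(first, last, width)
  assert(first <= last, "first must not exceed last")
  local fmt = (width and width > 0) and ("%0" .. width .. "d") or "%d"
  local n = first - 1
  return function()
    n = n + 1
    if n <= last then return fmt:format(n) end
  end
end

-- Yield each entry of a name list (stand-in for reading usernames.lst).
local function list_iterator(names)
  local i = 0
  return function()
    i = i + 1
    return names[i]
  end
end

-- Chain several iterators into one, exhausting each in turn and skipping
-- candidates already produced, so a numeric-looking entry in the name list
-- is not checked a second time.
local function chain(...)
  local sources, idx, seen = { ... }, 1, {}
  return function()
    while sources[idx] do
      local v = sources[idx]()
      if v == nil then
        idx = idx + 1          -- current source exhausted, move to the next
      elseif not seen[v] then
        seen[v] = true
        return v
      end
    end
  end
end

-- Constructed sample: extensions 98..101 padded to 4 digits, then names.
local candidates = chain(
  numeric_extensions(98, 101, 4),
  list_iterator({ "admin", "0100", "guest" })
)
for user in candidates do print(user) end
```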

