Penetration Testing mailing list archives
VoIP Hopper: New test tool
From: "Jason Ostrom" <justiceguy () pobox com>
Date: Mon, 10 Sep 2007 12:46:11 -0500 (CDT)
http://voiphopper.sourceforge.net/ WHAT IS VOIP HOPPER? VoIP Hopper is a GPLv3 licensed security tool, written in C, that rapidly runs a VLAN Hop into the Voice VLAN on specific Ethernet switches. VoIP Hopper does this by mimicking the behavior of an IP Phone. It first dissects either IEEE 802.3 or Ethernet II for Cisco Discovery Protocol (CDP) packets. If CDP is enabled on the switch port and the Voice VLAN feature is enabled, it will determine the Voice VLAN ID (VVID). This will allow the tool to create a new Ethernet interface on the PC that tags the 802.1q VLAN header in the Ethernet packet. After VoIP Hopper has created the new Ethernet device, it will send a DHCP client request. WHY? VoIP Hopper was written with the specific aim of improving security in VoIP environments by validating Layer 2 protection controls. REQUIREMENTS libpcap, linux, C Compiler. VoIP Hopper is designed for, and has been tested on, BackTrack linux. It runs just fine in a default installation of BackTrack. It has also been tested to compile and run on Fedora 7. It should compile and run on other versions of UNIX / Linux. It has been tested to dissect CDP packets on the following Cisco IOS Ethernet Switch platforms: 1. Catalyst 3550 2. Catalyst 3750 3. Catalyst 6513 with WS-X6148A-GE-45AF module WHERE CAN I GET IT? http://voiphopper.sourceforge.net ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
Current thread:
- VoIP Hopper: New test tool Jason Ostrom (Sep 10)
- <Possible follow-ups>
- Re: VoIP Hopper: New test tool jpecou (Sep 12)