Penetration Testing mailing list archives
Re: VoIP Pen test
From: "rajat swarup" <rajats () gmail com>
Date: Thu, 24 Jan 2008 22:54:36 -0500
On 23 Jan 2008 18:19:01 -0000, <sisram2 () gmail com> wrote:
Hi Guys, As mentioned earlier I have come across couple of Cisco routers having only ports 1720 and 5060 OPEN for VoIP service. I have attempted Sivus, SIPscan and Protos Fuzzer but invain.
Did you try port scanning on the TFTP UDP port? Check that out....there's also a tool called TFTPBruteForcer (in perl) that could be helpful. Also, sniff on the VLAN (if you can) hosting the VoIP infrastructure you could get SNMP strings that could give you more information. Attempt ARP spoofing between 2 systems if you can so you don't cause a massive DoS and you could potentially steal conversations with Cain (http://www.oxid.it). Hope it helps, Rajat. -- Rajat Swarup http://rajatswarup.blogspot.com/ ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
Current thread:
- VoIP Pen test sisram2 (Jan 23)
- RE: VoIP Pen test Perez, Carlos (Puerto Rico) (Jan 25)
- Re: VoIP Pen test rajat swarup (Jan 25)