Sipflanker finds fulnerable Web GUIs deployed by IP phones and PBXs

["Sergio Castro" <sergio.castro () unicin net>]

Many  (if not most) VoIP devices have available a Web GUI for their
configuration,
management, and report generation. These Web GUIs are often on default,
meaning that
the moment you install the IP phone or IP PBX, the Web GUI is immediately
available
on the network. And unfortunately it is also common for the username and
password
to have default values.

Sipflanker will help you find these SIP devices with potentially vulnerable
Web GUIs
in your network. 

What the application does is search the range of IPs you specify, and checks
if port
5060 is available. Whether open or close, port usually 5060 indicates the
presence of a SIP
device. Then it checks if port 80 (http) is open. The combination of an open
port 80,
together with port 5060, either open or closed, signals a probable SIP
device with a Web GUI.

Sipflanker then proceeds to extract the website, and fingerprint the device.
You can find default passwords for IP phones at
http://www.infosegura.net/passwords.htm

You can download sipflanker at http://code.google.com/p/sipflanker/


------------------------------------------------------------------------
This list is sponsored by: Cenzic

Top 5 Common Mistakes 
in Securing Web Applications  
Find out now! Get Webinar Recording and PPT Slides

www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------