Security Basics mailing list archives

Re: pentesting voip network-please help

From: infolookup () gmail com
Date: Mon, 1 Feb 2010 22:57:45 +0000

Marco,

You might want to check out viper labs software download section (videojack videosnarf ucsniff) all useful tools, also 
checkout Defcon 17 achieve the did a nice presentation. 
www.twitter.com/infolookup

-----Original Message-----
From: mzcohen2682 () aim com
Date: Fri, 29 Jan 2010 13:14:04 
To: <security-basics () securityfocus com>
Subject: pentesting voip network-please help

 hi all !!

im doing an internal (lan) pentest for a voip network. the network has 
6 cisco call manager version 6.1.3 as a cluster. they have cisco phones 
7911 and 7941. they use a seperate vlan por the voip network.

I started by trying to download the images files for the phones from 
the tftp server by doing a brute force attack for the names of the 
files.

I have access to one of the 7941 phones so I checked that the verion of 
the image is 4.0/8.0 (9.0)
in not sure what should be the names for the file images that the 
phones reload after boot but according to cisco documentation there 
must be SIPdefault.cnf and OS79xx.txt on the root directory of the tftp 
server. but I tried and there are not..

so what are the nemes of the files? I read a documents that said that 
if im am able to download those files I will find lots of interseting 
information like phone passwords etc..

after that... I tried to capture some RTP conversations but without any 
success. I am connected to the voip vlan and used wireshark but It 
doesnt detect any calles ! shoud I do some arp spoofing attack? but to 
which mac's?

any other ideas how to continue with this pentest?

what I see is that although the client didnt implement encryption or 
any other security control just the vlan isnt not so eaxy to pentest a 
voip network..

thanks

marco

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------

Current thread:

pentesting voip network-please help mzcohen2682 (Feb 01)
- Re: pentesting voip network-please help Joseph McCray (Feb 01)
- Re: pentesting voip network-please help J. Oquendo (Feb 01)
  - Re: pentesting voip network-please help Ivan . (Feb 02)
- Re: pentesting voip network-please help Jan Muenther (Feb 01)
- Re: pentesting voip network-please help infolookup (Feb 02)
- Re: pentesting voip network-please help Champ Clark III [Softwink] (Feb 04)
- <Possible follow-ups>
- Re: pentesting voip network-please help Duren, Preston David (Feb 01)