Penetration Testing mailing list archives
Re: Sipflanker finds fulnerable Web GUIs deployed by IP phones and PBXs
From: "Jason Ross" <algorythm () gmail com>
Date: Wed, 28 May 2008 17:57:40 -0400
On Tue, May 27, 2008 at 4:00 PM, Sergio Castro <sergio.castro () unicin net> wrote:
What the application does is search the range of IPs you specify, and checks if port 5060 is available. Whether open or close, port usually 5060 indicates the presence of a SIP device. Then it checks if port 80 (http) is open.
Looking through the code, it's a very decent start, and a good idea IMO. One thing you may want to consider is that SIP generally runs on UDP/5060. Your portscan.py script calls both port 80 and 5060 with AF_INET and SOCK_STREAM which would mean TCP both times. It may make sense to break the SIP scan out such that it checks for both UDP and TCP port 5060 (and you may also want to add TCP/5061 to the mix, as SIP/TLS generally uses that port.) Other than that, like I said, a decent bit of work I think. Regards, Jason ------------------------------------------------------------------------ This list is sponsored by: Cenzic Top 5 Common Mistakes in Securing Web Applications Find out now! Get Webinar Recording and PPT Slides www.cenzic.com/landing/securityfocus/hackinar ------------------------------------------------------------------------
Current thread:
- anti-spam appliance testing Bayu Notonegoro (May 23)
- Sipflanker finds fulnerable Web GUIs deployed by IP phones and PBXs Sergio Castro (May 28)
- Re: Sipflanker finds fulnerable Web GUIs deployed by IP phones and PBXs Jason Ross (May 28)
- RE: Sipflanker finds fulnerable Web GUIs deployed by IP phones and PBXs Sergio Castro (May 28)
- Re: Sipflanker finds fulnerable Web GUIs deployed by IP phones and PBXs Jason Ross (May 28)
- Sipflanker finds fulnerable Web GUIs deployed by IP phones and PBXs Sergio Castro (May 28)