Viproy Voip Pen-Test Kit provides penetration testing modules for VoIP networks. It supports signalling analysis for SIP and Skinny protocols, IP phone services and network infrastructure. Viproy 2.0 is released at Blackhat Arsenal USA 2014 with TCP/TLS support for SIP, vendor extentions support, Cisco CDP spoofer/sniffer, Cisco Skinny protocol analysers, CUCDM exploits and network analysis modules. Furthermore, Viproy provides SIP and Skinny development libraries for custom fuzzing and analyse modules.
Current testing modules:
SIP Brute Force
SIP Trust Hacking
SIP UDP Amplification DoS
SIP Proxy Bounce
Skinny Call Forward
CUCDM Call Forwarder
CUCDM Speed Dial Manipulator
MITM Proxy TCP
MITM Proxy UDP
Cisco CDP Spoofer
Training: Tactical VoIP Hacking with Viproy - Troopers 15
Copy "lib", "modules" and "data" folders' content to Metasploit Root "/" Directory.
Mixins.rb file (lib/msf/core/auxiliary/mixins.rb) should contain the following lines require 'msf/core/auxiliary/sip' require 'msf/core/auxiliary/skinny'
Installation - Metasploit Pro Edition
Copy "lib", "modules" and "data" folders' content to /opt/metasploit/apps/pro/msf3 directory.
Mixins.rb file (/opt/metasploit/apps/pro/msf3/lib/msf/core/auxiliary/mixins.rb) should contain the following lines require 'msf/core/auxiliary/sip' require 'msf/core/auxiliary/skinny'
VoIP Wars : Attack of the Cisco Phones (Blackhat 2014)
VoIP Wars : Attack of the Cisco Phones (DEF CON 22 & Blackhat 2014)
VoIP Wars : Attack of the Cisco Phones - Live Demo Remake
DEF CON 21 - Fatih Ozavci - VoIP Wars Return of the SIP
Attacking SIP/VoIP Servers Using VIPROY VoIP Pen-Test Kit for Fun & Profit - Video (50 mins)
This is a training video for penetration testing of SIP servers.
Chapters of Training Video
1-Footprinting of SIP Services
2-Enumerating SIP Services
3-Registering SIP Service with/without Credentials
4-Brute Force Attack for SIP Service
5-Call Initiation with/without Spoof & Credentials
6-Hacking Trust Relationships
7-Intercepting SIP Client with SIP Proxy