Sip with scapy
3,255 views
Skip to first unread message
khusha...@gmail.com
Jan 3, 2012, 3:17:27 AM1/3/12
to T
Hi All,
How to perform SIP testing using scapy.
I googled a lot unable to find the related doc. If anyone had a experience on this. Please share your views.
How to perform SIP testing using scapy.
I googled a lot unable to find the related doc. If anyone had a experience on this. Please share your views.
Regards
khushal Srivastava
Srinivas Naik
Jan 4, 2012, 9:11:34 PM1/4/12
to null-...@googlegroups.com
Kushal,
Are you looking for building a simple SIP packet...
or Trying to involve RTP also in it?
Cheers,
0xN41K
--
null - Spreading the right Information
null Mailing list charter: http://null.co.in/section/about/null_list_charter/
khusha...@gmail.com
Jan 4, 2012, 9:15:33 PM1/4/12
to T
I am trying to involve both of them
khushal Srivastava
From: Srinivas Naik <naik....@gmail.com>
Sender: null-...@googlegroups.com
Date: Thu, 5 Jan 2012 07:41:34 +0530
ReplyTo: null-...@googlegroups.com
Subject: Re: [null] Sip with scapy
TAS
Jan 5, 2012, 4:23:30 PM1/5/12
to null-...@googlegroups.com
Link below should be a good read
http://www.backtrack-linux.org/wiki/index.php/Pentesting_VOIP
http://www.backtrack-linux.org/wiki/index.php/Pentesting_VOIP
Hope that helps
-
TAS
http://twitter.com/p0wnsauc3
Srinivas Naik
Jan 5, 2012, 8:52:27 PM1/5/12
to null-...@googlegroups.com
That was a good resource....
Also, Im giving a sample code
#!/usr/bin/python
from scapy.all import *
client = "192.168.10.1"
server = "192.168.10.5"
from scapy.all import *
client = "192.168.10.1"
server = "192.168.10.5"
client_port = 5061
server_port = 5060
server_port = 5060
#SIP Payload
sip = ("INVITE sip:105@" + server + " SIP/2.0\r\n"
"To: <sip:" + server + ":5060>\r\n"
"Via: SIP/2.0/UDP localhost:30000\r\n"
"From: \x22xtestsip\x22<sip:" + server + ":30000>\r\n"
"Call-ID: f9844fbe7dec140ca36500a0c91e6bf5@localhost\r\n"
"CSeq: 1 INVITE\r\n"
"Max-Forwards: 70\r\n"
"Content-Type: application/sdp\r\n"
"Content-Length: -1\r\n\r\n")
sip = ("INVITE sip:105@" + server + " SIP/2.0\r\n"
"To: <sip:" + server + ":5060>\r\n"
"Via: SIP/2.0/UDP localhost:30000\r\n"
"From: \x22xtestsip\x22<sip:" + server + ":30000>\r\n"
"Call-ID: f9844fbe7dec140ca36500a0c91e6bf5@localhost\r\n"
"CSeq: 1 INVITE\r\n"
"Max-Forwards: 70\r\n"
"Content-Type: application/sdp\r\n"
"Content-Length: -1\r\n\r\n")
pkt= Ether()/IP(src=client, dst=server)/TCP()/sip
wrpcap("sip_pkt.pcap",pkt)
send(sip)
send(sip)
Modify as per ur convenience...... I hope this gets you much clarity.
Cheers,
0xN41K
khusha...@gmail.com
Jan 6, 2012, 2:19:55 AM1/6/12
to T
As much as I have studied, SIP can communicate on TCP and UDP. On which scenario SIP goes to TCP.
Date: Fri, 6 Jan 2012 07:22:27 +0530
Srinivas Naik
Jan 6, 2012, 9:49:28 AM1/6/12
to null-...@googlegroups.com
UDP comes into picture when RTP is involved.
The Voice Part.
So, in general SIP works on TCP and for RTP it uses UDP.
Cheers,
0xN41K
khusha...@gmail.com
Jan 6, 2012, 10:07:51 AM1/6/12
to T
I think if SIP devices are communicating within firewall,then it will work on UDP and if devices are outside firewall then on TCP.
Correct me if I m wrong.
Correct me if I m wrong.
Date: Fri, 6 Jan 2012 20:19:28 +0530
Chandu NSA
Jan 12, 2012, 7:41:31 AM1/12/12
to null-...@googlegroups.com
I Found Good Link about SIP PenTest : http://www.reddit.com/tb/ocmbe
Reply all
Reply to author
Forward
0 new messages