Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Pentesting VoIP

176 views

Published on

*Basics
*Attack scenarios
*Attack methods

Published in: Technology
  • Login to see the comments

  • Be the first to like this

Pentesting VoIP

  1. 1. Pentesting voIP
  2. 2. Boring stuffs • allows you to make and receive telephone calls over the Internet • low international phone call rates to other countries • Protocols under voIP: • SIP(UDP -5060) • H.323 • RTP • Skype
  3. 3. • SIP: Requests • INVITE - establish connection • BYE - terminate • REGISTER – indicate client address to server • SIP: Responses • 1xx - responses to requests • 2xx: 200-level responses indicate a successful completion of the request • 3xx: redirection is needed for completion of the request. • 4xx: bad syntax • 5xx: The server failed to fulfil an apparently valid request • 6xx: This is a global failure
  4. 4. Attacks on SIP • Information gathering and foot printing • Eavesdropping and capturing traffic • VLAN hopping • Spoofing Caller ID • Identification of Denial of Service (DoS) vulnerabilities • Authentication Attacks
  5. 5. Demo !!
  6. 6. VoIP Checklist for Penetration Testers • VoIP-001 - VLAN hopping from data network to voice network • VoIP-002 - Extension Enumeration & Number Harvesting • VoIP-003 - Capturing SIP Authentication • VoIP-004 - Eavesdropping Calls • VoIP-005 - CallerID spoofing • VoIP-006 - RTP injection • VoIP-007 - Signaling Manipulation • VoIP-008 - Identification of insecure services • VoIP-009 - Testing for Default Credentials • VoIP-010 - Application level vulnerabilities • VoIP-011 - Voice Mail Attacks • VoIP-012 - Phone Firmware Analysis

×