Penetration Testing mailing list archives

Re: VoIP Pen test

From: "rajat swarup" <rajats () gmail com>
Date: Thu, 24 Jan 2008 22:54:36 -0500

On 23 Jan 2008 18:19:01 -0000,  <sisram2 () gmail com> wrote:

Hi Guys,


As mentioned earlier I have come across couple of Cisco routers having only ports 1720 and 5060 OPEN for VoIP 
service. I have attempted Sivus, SIPscan and Protos Fuzzer but invain.


Did you try port scanning on the TFTP UDP port? Check that
out....there's also a tool called TFTPBruteForcer (in perl) that could
be helpful.  Also, sniff on the VLAN (if you can) hosting the VoIP
infrastructure you could get SNMP strings that could give you more
information.  Attempt ARP spoofing between 2 systems if you can so you
don't cause a massive DoS and you could potentially steal
conversations with Cain (http://www.oxid.it).

Hope it helps,
Rajat.
-- 
Rajat Swarup

http://rajatswarup.blogspot.com/

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

Current thread:

VoIP Pen test sisram2 (Jan 23)
- RE: VoIP Pen test Perez, Carlos (Puerto Rico) (Jan 25)
- Re: VoIP Pen test rajat swarup (Jan 25)