Penetration Testing mailing list archives
RE: Sipflanker finds vulnerable Web GUIs deployed by IP phones and PBXs
From: "Sergio Castro" <sergio.castro () unicin net>
Date: Wed, 28 May 2008 17:52:28 -0500
Hi Jason,

Thank you for your comments, I appreciate it.

Indeed you are right, SIP runs on UDP on 5060. The TCP socket connection only tests if the port responds. Do you think it would be better to use UDP?

I did think about adding 5061, but given the unfortunate fact that TLS is hardly ever used, and also to make the scan faster, I left it out for the time being. But I will add it in future versions.

Thanks! :)

Regards,
Sergio

-----Original Message-----
From: Jason Ross [mailto:algorythm () gmail com]
Sent: Wednesday, May 28, 2008 04:58 p.m.
To: Sergio Castro
CC: pen-test () securityfocus com
Subject: Re: Sipflanker finds vulnerable Web GUIs deployed by IP phones and PBXs

On Tue, May 27, 2008 at 4:00 PM, Sergio Castro <sergio.castro () unicin net> wrote:
What the application does is search the range of IPs you specify and check if port 5060 is available. Whether open or closed, port 5060 usually indicates the presence of a SIP device. Then it checks if port 80 (http) is open.
Looking through the code, it's a very decent start, and a good idea IMO.

One thing you may want to consider is that SIP generally runs on UDP/5060. Your portscan.py script calls both port 80 and 5060 with AF_INET and SOCK_STREAM which would mean TCP both times.

It may make sense to break the SIP scan out such that it checks for both UDP and TCP port 5060 (and you may also want to add TCP/5061 to the mix, as SIP/TLS generally uses that port.)

Other than that, like I said, a decent bit of work I think.

Regards,
Jason
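
The UDP-versus-TCP point raised in this thread, as an added example that is not part of either message and is not Sipflanker's code: UDP has no handshake, so a SIP service on UDP/5060 only shows up if it answers a real request, here a SIP OPTIONS. All function names are hypothetical, and the script is meant for hosts you administer (the demo call targets loopback only).

```python
import socket
import uuid

def build_options(host, port, local_ip, local_port):
    """Minimal SIP OPTIONS request (RFC 3261), used only as a liveness probe."""
    tag = uuid.uuid4().hex[:8]
    return "\r\n".join([
        f"OPTIONS sip:{host}:{port} SIP/2.0",
        f"Via: SIP/2.0/UDP {local_ip}:{local_port};branch=z9hG4bK{tag}",
        "Max-Forwards: 70",
        f"From: <sip:probe@{local_ip}>;tag={tag}",
        f"To: <sip:{host}:{port}>",
        f"Call-ID: {uuid.uuid4().hex}@{local_ip}",
        "CSeq: 1 OPTIONS",
        "Content-Length: 0",
        "", "",
    ]).encode("ascii")

def probe_sip_udp(host, port=5060, timeout=2.0):
    """Return the SIP status line if the host answers over UDP, else None."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.connect((host, port))  # connected UDP: ICMP unreachable raises
            local_ip, local_port = s.getsockname()
            s.send(build_options(host, port, local_ip, local_port))
            reply = s.recv(4096).decode("ascii", "replace")
        except OSError:  # timeout or port unreachable: no SIP answer
            return None
    status = reply.split("\r\n", 1)[0]
    return status if status.startswith("SIP/2.0 ") else None

def probe_tcp(host, port, timeout=2.0):
    """Plain TCP connect test: True if the port accepts a connection."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        try:
            return s.connect_ex((host, port)) == 0
        except OSError:
            return False

def check_host(host, timeout=2.0):
    """UDP and TCP 5060, TCP 5061 (SIP/TLS) and TCP 80, as discussed above."""
    result = {"udp/5060": probe_sip_udp(host, 5060, timeout)}
    for port in (5060, 5061, 80):
        result[f"tcp/{port}"] = probe_tcp(host, port, timeout)
    return result

if __name__ == "__main__":
    print(check_host("127.0.0.1", timeout=0.5))  # loopback only
```

A `None` from the UDP probe means only that no SIP reply arrived in time; devices that silently drop unauthenticated OPTIONS look the same as a closed port.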