Viproy Voip Pen-Test Kit provides penetration testing modules for VoIP networks. It supports signalling analysis for SIP and Skinny protocols, IP phone services and network infrastructure. Viproy 2.0 is released at Blackhat Arsenal USA 2014 with TCP/TLS support for SIP, vendor extentions support, Cisco CDP spoofer/sniffer, Cisco Skinny protocol analysers, VOSS exploits and network analysis modules. Furthermore, Viproy provides SIP and Skinny development libraries for custom fuzzing and analyse modules.
Copy "lib", "modules" and "data" folders' content to Metasploit Root "/" Directory.
Mixins.rb file (lib/msf/core/auxiliary/mixins.rb) should contain the following lines require 'msf/core/auxiliary/sip' require 'msf/core/auxiliary/skinny'
Installation - Metasploit Pro Edition
Copy "lib", "modules" and "data" folders' content to /opt/metasploit/apps/pro/msf3 directory.
Mixins.rb file (/opt/metasploit/apps/pro/msf3/lib/msf/core/auxiliary/mixins.rb) should contain the following lines require 'msf/core/auxiliary/sip' require 'msf/core/auxiliary/skinny'
VoIP Wars : Attack of the Cisco Phones (DEF CON 22 & Blackhat 2014)
VoIP Wars : Attack of the Cisco Phones - Live Demo Remake
DEF CON 21 - Fatih Ozavci - VoIP Wars Return of the SIP
Attacking SIP/VoIP Servers Using VIPROY VoIP Pen-Test Kit for Fun & Profit - Video (50 mins)
This is a training video for penetration testing of SIP servers.
Chapters of Training Video
1-Footprinting of SIP Services
2-Enumerating SIP Services
3-Registering SIP Service with/without Credentials
4-Brute Force Attack for SIP Service
5-Call Initiation with/without Spoof & Credentials
6-Hacking Trust Relationships
7-Intercepting SIP Client with SIP Proxy