Investigating VoIP ressources

Let’s run some test on a VoIP test environments with the tools of SIPvicious. The test setup contains the listed items:

  • 2 Cisco 7960 phones (wired)
  • 1 Android phone with csipimple (wireless)
  • 1 Empathy client (wireless)
  • FreePBX with asterisk (wired)

I’m using svmap.py to get an overview of the network and its clients.

Now we do same as previously but in verbose mode.

Let’s check for the clients with a wireless connection. The Android phone and the client with empathy.

It seams that svmap.py is a bit limited in detecting soft-phone. The client with Empathy was not found with svmap.py.

According to the SIPvicious tutorial the next step is to use svwar.py to identify the extensions.

With --force the output is more detailed.

There is no extension 100. not able to detect any of the extensions. Another try with a defined range of extensions.

In both cases the issue seams to be based on "Bad user = SIP/2.0 401". At the moment I have no idea how to by pass this without modifying the source code.

This entry was posted in Alpine Linux, IP Telephony, Security. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.