Command exten - Pepelux/sippts GitHub Wiki

SIPPTS exten identifies extensions on a SIP server. Exten module can check large network and port ranges.

Features

Exten allows us to:

  • Identify extensions on a SIP server.
  • Scan large ranges of networks.
  • Scan large ranges of extensions.
  • Connection via UDP, TCP or TLS protocol.
  • It tells you if the extension line requires authentication or not.
  • Analyze responses using verbose mode.
  • Allow us to customize the UserAgent.

Usage

$ sippts exten -h

Target:
  -i IP|HOST          Target IP address
  -r REMOTE_PORT      Remote port (default: 5060)
  -e EXTEN            Extensions to scan. Ex: 100 | 100,102,105 | 100-200 | 100,102,200-300 (default: 100-300)
  -pr PREFIX          Prefix for extensions, used for authentication
  -p PROTOCOL         Protocol: udp|tcp|tls (default: udp)
  -proxy IP:PORT      Use an outbound proxy (ex: 192.168.1.1 or 192.168.1.1:5070)

Headers:
  -m METHOD           Method used to scan: options, invite, register (default: register)
  -d DOMAIN           SIP Domain or IP address. Ex: my.sipserver.com (default: target IP address)
  -cd CONTACT_DOMAIN  Domain or IP address for Contact header. Ex: 10.0.1.2
  -fu FROM_USER       From User (default: 100)
  -ua USER_AGENT      User-Agent header (default: pplsip)

Log:
  -v                  Increase verbosity
  -vv                 Increase more verbosity
  -rc RESPONSE_CODE   Filter response code (ex: 200)
  -nocolor            Show result without colors
  -o FILE             Save data into a log file

Other options:
  -th THREADS         Number of threads (default: 200)
  -h, --help          Show this help

Example

$ sippts exten -i 192.168.2.203 -r 5080 -e 100-200

[!] IP/Network: 192.168.2.203
[!] Port: 5080
[!] Exten range: 100-200
[!] Protocol: UDP
[!] Method to scan: REGISTER
[!] Total threads: 100

 --------------------------------------------------------------------------------------------------
| IP address    | Port | Proto | Extension | Response         | User-Agent                         |
 --------------------------------------------------------------------------------------------------
| 192.168.2.203 | 5080 | UDP   | 100       | 401 Unauthorized | Asterisk PBX 16.2.1~dfsg-1+deb10u2 |
| 192.168.2.203 | 5080 | UDP   | 101       | 401 Unauthorized | Asterisk PBX 16.2.1~dfsg-1+deb10u2 |
| 192.168.2.203 | 5080 | UDP   | 102       | 403 Forbidden    | Asterisk PBX 16.2.1~dfsg-1+deb10u2 |
| 192.168.2.203 | 5080 | UDP   | 103       | 401 Unauthorized | Asterisk PBX 16.2.1~dfsg-1+deb10u2 |
| 192.168.2.203 | 5080 | UDP   | 104       | 401 Unauthorized | Asterisk PBX 16.2.1~dfsg-1+deb10u2 |
| 192.168.2.203 | 5080 | UDP   | 105       | 401 Unauthorized | Asterisk PBX 16.2.1~dfsg-1+deb10u2 |
 --------------------------------------------------------------------------------------------------