Descripción general - nitsuga1986/sipot GitHub Wiki
Descripción general:
SIPOT es una herraminta interactiva que permita auditar sistemas VoIP basados en SIP. La misma fue desarrollada de manera modular y pensada para ser reutilizada y modificada. La misma posee tres módulos base que realizan ataques comunes en sistemas sip: Flooding, Fuzzing, Spoofing. La presente herramienta soporta ataques en redes IPv6.
- Flooding
- Fuzzing
- Spoofing
Opciones básicas
Generales
--version show program's version number and exit
-h, --help show this help message and exit
-v, --verbose enable verbose mode for this module
-V, --verbose-all enable verbose mode for all modules
Opciones de red
--transport=TRANSPORT
the transport type is one of "udp", "tcp" or "tls".
Default is "udp"
--int-ip=INT_IP listening IP address for SIP and RTP. Use this option
only if you wish to select one out of multiple IP
interfaces. Default "0.0.0.0"
--port=PORT listening port number for SIP UDP/TCP. TLS is one more
than this. Default is 5092
--fix-nat enable fixing NAT IP address in Contact
--max-size=MAX_SIZE
size of received socket data. Default is 4096
--interval=INTERVAL
The interval argument specifies how often should the
sock be checked for close, default is 180 s
Opciones básicas del protocolo SIP
--username=USERNAME
username to use in my SIP URI and contacts. Default is
"nitsuga"
--pwd=PASSWORD set this if REGISTER requires pasword authentication.
Default is empty "" to not set. A list of passwords
can be provided in the form of pwd1,pwd1,...,etc.
--domain=DOMAIN domain portion of my SIP URI. Default is to use local
hostname, which is "nitsuga-CX61-laptop"
--proxy=PROXY IP address of the SIP proxy to use. Default is empty
"" to mean disable outbound proxy
--to=TO the target SIP address, e.g., '"Henry Sinnreich"
<sip:[email protected]>'. This is mandatory
--from=FROMADDR the user SIP address, e.g., '"Henry Sinnreich"
<sip:[email protected]>'.
--uri=URI the target request-URI, e.g., "sip:[email protected]".
Default is to derive from the --to option
--register enable user register befor sending messages
--reg-username=REG_USERNAME
username used to for register. If not porvided
--username will be used.
--reg-ip=REGISTRAR_IP
Registrar IP. If not provided is extracted from to
address: A registrar is a server that accepts REGISTER
requests and places the information it receives in
those requests into the location service for the
domain it handles.
--register-interval=REGISTER_INTERVAL
registration refresh interval in seconds. Default is
3600
--reg-refresh Auto refresh registration. The refresh argument can be
supplied to automatically perform registration refresh
before the registration expires. Do not perform
refresh by default.
Selección del modulo a utilizar
-M SIPOT_MODE, --sipot-mode=SIPOT_MODE
flooding / fuzzing / spoofing. set the mode of attack
for SIPOT. Default is flooding.
Ejemplos de prueba
Registrar una extensión SIP:
python sipot.py --register --username 109 --pwd abc123 --reg-ip 192.168.56.77
Dependencias:
Todas las dependencias han sido embebidas dentro del paquete. Pueden encontrarse las librerías utilizadas dentro de la carpeta /lib.
39 Peers
"The 39 Peers project aims at implementing an open-source peer-to-peer Internet telephony software using the Session Initiation Protocol (P2P-SIP) in the Python programming language."
- Link: 39 Peers .
- Licencia: GNU/GPL.
- Uso: Librería básica del protocolo SIP.
Multitask 0.2.0
"Cooperative multitasking and asynchronous I/O using generators"
- Link: Multitask 0.2.0.
- Licencia: MIT License.
- Uso: Para generar tareas simultaneas.
Sulley
"Pure Python fully automated and unattended fuzzing framework"
- Link: Sulley.
- Licencia: GNU GPL v2.
- Uso: Para generar los mensajes y mutarlos en el modo fuzzing.
Scapy
"Scapy is a powerful interactive packet manipulation program."
- Link: Scapy.
- Licencia: GNU GPL v2+.
- Uso: Para realizar sniffing the la red en busca de paquetes para el modo de spoofing automático.