Beruflich Dokumente
Kultur Dokumente
1|Page
When capturing from a machine which is not the caller nor the callee
2|Page
Screen during an ongoing packet capture
3|Page
To gather data or decode VoIP calls:
4|Page
Select RTP stream(s) to analyze or decode
Click “Analyze”
5|Page
Call Network Statistics
Delay
Click “Player” to listen to captured stream
Jitter
Packet Loss
6|Page
Listening to Captured Packets:
Click Decode
7|Page
Click “Play”
8|Page
Server Stress Testing using SIPP
9|Page
At the Server:
Add these lines to the extensions.conf file (at
/etc/asterisk):
[sipp]
exten => 2005,1,Answer
exten => 2005,2,SetMusicOnHold(default)
exten => 2005,3,WaitMusicOnHold(20)
exten => 2005,4,Hangup
Reload Asterisk
http://www.voipphreak.ca/2007/04/17/using-sipp-to-stress-test-your-asterisk-14-pbx-system/
10 | P a g e
Limit at 30 Calls
11 | P a g e
Limit at 300 calls
12 | P a g e
Limit at 1,000 calls
13 | P a g e
Extension Enumeration & Password Cracking using SIPvicious
Extension Enumeration
Command:
./svwar.py –e0000-9999 192.168.1.100
http://www.backtrack-linux.org/wiki/index.php/Pentesting_VOIP
14 | P a g e
Result:
All user extensions were found!!
15 | P a g e
Password Cracking
Command:
./svcrack -u6006 –r0000-9999 192.168.1.100
Server’s IP address
http://www.backtrack-linux.org/wiki/index.php/Pentesting_VOIP
16 | P a g e
Result:
17 | P a g e
Notes:
Wireshark can only decode unencrypted RTP packets. Choose soft
phones that support sRTP or zRTP if you want your calls to be
encrypted but make sure that the Asterisk version you are using
supports sRTP or zRTP.
Use alphanumeric passwords. SIPvicious can only crack numeric
passwords.
Normally you would not be able to sniff out packets if end devices
are connected to a switch. The easiest way to test call networking
requirements would beby running wireshark on one of the
machines which are taking part of the call. You could use a third
machine to sniff out packets. The easiest way to do that is by
connecting the third machine (the one sniffing) and one of the
two machines taking part in a call to a hub. After, connect the hub
to the switch. Just make sure that your third machine’s NIC can
switch to promiscuous mode so that it could receive packets not
destined for itself.
18 | P a g e