Practical VoIP Penetration Testing Using Mr. SIP

CC Attribution 3.0 Unported:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.

Identifiers

10.5446/49704 (DOI)

Publisher

DEF CON

Release Date

2020

Language

English

Content Metadata

Subject Area

Computer Science

Genre

Conference/Talk

Abstract

In this talk, we will introduce the most comprehensive offensive VoIP security tool ever developed, Mr.SIP (comprehensive version). We will make a live attack demonstration using Mr.SIP in our security laboratory. Furthermore, we will also introduce novel SIP-based attacks using the vulnerabilities we found in the SIP retransmission mechanism and reflection logic. Mr.SIP is developed to assist security experts and system administrators who want to perform security tests for VoIP systems and to measure and evaluate security risks. It quickly discovers all VoIP components and services in a network topology along with the vendor, brand, and version information, detects current vulnerabilities, configuration errors. It provides an environment to assist in performing advanced attacks to simulate abuse of detected vulnerabilities. It detects SIP components and existing users on the network, intervenes, filters and manipulates call information, develops DoS attacks, breaks user passwords, and can test the server system by sending irregular messages. Status-controlled call flow and ability to bypass anomaly systems stand out as Mr.SIP’s unique aspects. It also has strengths and competencies in terms of advanced fake IP address generation, fuzzing, password cracker, interactive inter-module attack kit, and MiTM features.In this talk, we will introduce the most comprehensive offensive VoIP security tool ever developed, Mr.SIP (comprehensive version). We will make a live attack demonstration using Mr.SIP in our security laboratory. Furthermore, we will also introduce novel SIP-based attacks using the vulnerabilities we found in the SIP retransmission mechanism and reflection logic. Mr.SIP is developed to assist security experts and system administrators who want to perform security tests for VoIP systems and to measure and evaluate security risks. It quickly discovers all VoIP components and services in a network topology along with the vendor, brand, and version information, detects current vulnerabilities, configuration errors. It provides an environment to assist in performing advanced attacks to simulate abuse of detected vulnerabilities. It detects SIP components and existing users on the network, intervenes, filters and manipulates call information, develops DoS attacks, breaks user passwords, and can test the server system by sending irregular messages. Status-controlled call flow and ability to bypass anomaly systems stand out as Mr.SIP’s unique aspects. It also has strengths and competencies in terms of advanced fake IP address generation, fuzzing, password cracker, interactive inter-module attack kit, and MiTM features.