Sunday, January 24, 2016
VoIP Sniffer - UCSniff
UCSniff is a Proof of Concept tool to demonstrate the risk of unauthorized recording of VoIP and Video – it can help you understand who can eavesdrop, and from what parts of your network. It is intended for next generation enterprise VoIP/UC Infrastructures that rely on Voice VLANs to segment UC applications for QoS requirements.
UCSniff was born from pentesting and the “VoIP Hopper” tool as an idea to combine automated Voice VLAN Discovery and VLAN Hop with MitM, along with targeted VoIP attacks against users in the VoIP Corporate Directory. Eavesdropping is one of many potential UC-specific attacks that can take place, and UCSniff can be used by other researchers and security professionals as a base tool to explore this idea. UCSniff is a text and GUI application, written in C/C++, that runs in the Linux and Windows OS environment. It is freely available under the GPLv3 license for anyone to download and use.
UCSniff bundles a hodgepodge of previously available open-source applications into a single software package that helps penetration testers assess the security of VoIP calls carried over a client’s network. It also introduces several new features that make eavesdropping on specific targets a point-and-click undertaking.
UCSniff runs on a laptop that can be plugged in to the ethernet port of the organization being probed. From there, a VLAN hopper automatically traverses the virtual local area network until it accesses the part that carries VoIP calls. Once the tool has gained unauthorized access, UCSniff automatically injects spoofed ARP, or address resolution protocol, packets into the network, allowing all voice traffic to be routed to the laptop.
UCSniff streamlines eavesdropping by allowing an attacker to zero in on the conversations of particular users. Targets can be selected by extension number or dial-by-name features, making it easy to listen to all calls made by a specific individual – such as an organization’s CEO. Eavesdropping can be further fine-tuned by listening only to calls
“It’s silently intercepting all the traffic and forwarding it to the phone, so a regular phone user would not be able to tell the difference,”
VoIP Sniffer: UCSniff Features
ºUC Sniffer with VoIP and IP Video Support
ºRealtime Video and VoIP Monitor (SIP)
ºAutomated Voice VLAN Discovery (CDP)
ºVLAN Hop Support
ºSniffing across Ethernet Switches
ºAutomatic creation of forward and reverse RTP audio streams into a single wav file
ºAutomatic creation of two avi files (forward and reverse video) for H.264 Video codec
ºAutomatic recording and saving of conversations using G.711 u-law and a-law codecs
ºAutomatic recording and saving of conversations using G.722, G.729, G.726, G.723 and ºWebRTC iSAC codecs (Note: G.729, G.723, G.726 codecs only work with a 32-bit Linux OS)
ºMitM ARP Poisoning and host management support
ºMonitor Mode (Span Session, Hub)
ºTracking and tracing of users, with logging
ºSupport for Cisco SIP, Cisco Skinny, RFC 3261 SIP
ºSupport for Cisco UCM 6.1, 7.0, 7.1, 8.0.2 Skinny (SCCP)
ºTarget Mode (Target User)
ºCorporate Directory Tool and functions (ACE)
ºARP Saver Tool to restore network in emergencies
ºGratuitous ARP Disablement Bypass
ºTFTP MitM Modification of IP Phone Settings
ºGUI Support in Windows and Linux
ºGUI Skin or Theme selection
ºOnly requires 1 phone (not both) in source VLAN in order to capture entire conversation
ºNew VideoSnarf tool outputs media files (audio, video) from pcap
ºSniffing and logging of Microsoft OCS IM Conversations
ºSupport for eavesdropping on Avaya SIP, Avaya H.323 media re-construction
ºUC Keystroke logger, for interception of dialed keypad digits (SCCP only)
ºAbility to enable/disable audio/video file mixing via checkbox in GUI
ºSupport for user specified command to mix audio and video files
Search
Translate
Popular Posts
-
In this post, we will explore a Python script designed to parse logs containing url:user:pass data. These logs are instrumental in executin...
-
LeakSearch is a simple tool to search and parse plain text passwords using ProxyNova COMB (Combination Of Many Breaches) over the Interne...
-
As mobile applications become more integral to our daily lives, ensuring their security is paramount. Vulnerabilities in mobile apps can exp...
Categories
#Snowden
Active Directory Attacks
Analysis
Android
Android Hack
Android Pentest
Anonimato
Anonymity
Anti-Forensic
Anti-Forensic Tools
Anti-Government
Anti-System
Apache
API Hacking
APK
ARM
Assembly
Attack Map
Auditing Tool
Automation Tools
AvKill
AWS Pentest
Backdoor
Bind
BlueTeam
Bluetooth
Bot
botnet/DDoS
Bounty
Brute Force
Bypass
Certificate
Cheat Sheet
Cloud Forensics
Cloud Pentest
Courses
Cryptography
CTF Engine
CVEs
Cyber Forensics
Cyber War
Data Base
DeepWeb
DevSecOps
Disassembler
DLL Hijacking
Dns Enumeration
Dns Recon
Dns Spoof
Documentary
DoS
Downloads
DUMP
Elearn Security
Email Hacking
Encrypted DNS
Engenharia Reversa
Enumeration
Evasion
EXIF
Exploit
Exploitation Tools
Exposed Leaked
Fake
Filmes e Documentários
Fingerprint
Firewall
Footprint
Frameworks
Fuck The System
Fuzzer
GeoIP
Google Hacking
Hackers
Hackers News
Hackers Tools
Hacking
Hacking Ebook's
Hacking Vídeos
Hacktivism
Hardening
Hardware
Hardware Hack
Hidden
HIDS
Honeypots
How to exit the Matrix
IDS
IDS/IPS
Incident Response
Information Gathering
iOS
IoT
JAVA
Kali
Kali Linux
Keylogger
Labs
Leaked
Leaks
Leave The Matrix
Linux
Linux System
Mac
Malware
Malware Analysis
MetaSploit
Mind Map
MIPS
MITM
Monitoring
Movies
Network
Networking
New World Order
Nmap
Offensive Politics
Offensive Sec
OffSec
OffSec Exclusive Tools
Open Your Mind
OpenSSL
Os Sec
OSINT Tools
OWASP ZAP Scanner
Password Capture
Password Cracking
Passwords
Payload
PCC
PDF
Pentest
Pentest Tools
Phishing Attacks
Phones
PHP
Port Scan
Post-Exploitation Tool
PowerShell
Pr1v8
Privacidade
Privacy
Privilege Escalation
Projects
Proxy
Python
Ransomware
RAT
Recover File and Disk Analyzer
Red Team
Redes
Remote
Reverse
Reverse Engineering
Reverse Shell
RFID
Rootkit
Scan Tools
Security
Security Ebook's
Seriados
Series
Shell
Shell PHP
Shellcode
Shodan
Sniffer
Social Engineering
Source Code
Spoofing
SQLinjection
SSL
Stealer
Steganography
Stress Testing
Study
Subdomain Discovery
SysInternals
Telnet
The Theory of Conspiracy
Threat Intelligence
Tools
Tor
Trojan
Tutorials
Unix System
URL Inspector
Usb Boot
Virtual Machine
Virus
VoIP
VPN
Vulnerabilities
Vulnerability Analysis
WAF
Web Applications
Web Pentesting
Whois
Wifi-Hacks
Windows
Wireless Hacking
Word List
WordPress
X86
XSS
0 comentários:
Post a Comment
Note: Only a member of this blog may post a comment.