nmap-for-VoIP-pentesting.txt
This script helps you test the hardness of your SIP accounts; it can be improved by using more relevant wordlists.
nmap scripts for VoIP analyses
Posted on September 3, 2011 by Fabian Affolter
The standard installation of nmap on Fedora already contains plenty of scripts that can be used with NSE.
All scripts are located at /usr/share/nmap/scripts.
The first step is to add SIP support for nmap. Switch to the nselib directory and download the dependencies for sip-brute.
cd /usr/share/nmap/nselib
sudo wget http://nmap.org/svn/nselib/sip.lua
sudo wget http://nmap.org/svn/nselib/creds.lua
Do the same for sip-brute itself, but note that the script goes into a different directory.
cd /usr/share/nmap/scripts
sudo wget http://nmap.org/svn/scripts/sip-brute.nse
The last step is to update the plugin database of nmap.
sudo nmap --script-updatedb
Starting Nmap 5.51 ( http://nmap.org ) at 2011-09-03 10:40 CEST
NSE: Updating rule database.
NSE: Script Database updated successfully.
Nmap done: 0 IP addresses (0 hosts up) scanned in 0.35 seconds
Let’s run nmap against the server.
sudo nmap -sU -p 5060 10.0.0.12 --script=sip-brute

Starting Nmap 5.51 ( http://nmap.org ) at 2012-09-03 10:41 CEST
baduser-8402 badpass-3944
Nmap scan report for 10.0.0.12
Host is up (0.0051s latency).
PORT STATE SERVICE
5060/udp open|filtered sip
| sip-brute:
| Accounts
| No valid accounts found
| Statistics
|_ Perfomed 50010 guesses in 187 seconds, average tps: 285

Nmap done: 1 IP address (1 host up) scanned in 187.21 seconds