SIPVicious
The SIPVicious tools are used to audit SIP devices. svmap lists SIP devices found on an IP range, svwar identifies active extensions on a PBX, and svcrack is an online password cracker for SIP PBX. svreport manages sessions and exports to PDF, XML, CSV, and plain text.
| Tags | Security Communications Internet Phone |
|---|---|
| Licenses | GPLv2 |
| Implementation | Python |
Recent releases
- 10 Aug 2008 19:04
Changes: svwar.py can now scan for templated numbers. This allows more flexible usage of ranges of numbers, allowing for prefixes and suffixes as need be. svwar.py now sends ACK to be nice to other devices. Each tag is padded with a unique 32 bit. Contact header is always added to the request to always send well-formed SIP requests. Large data is sent fragmented now (mysendto). svwar.py handles new SIP response codes.
- 04 Jun 2008 07:51
Changes: Fingerprinting support was added for svmap. fphelper.py and three databases used for fingerprinting were included. svlearnfp.py was added, which allows one to add new signatures to a database and send them to the author. A DNS SRV check was added to svmap. The ability for svreport to count results when doing a list was added. A bug related to resuming a scan which does not have an extension was fixed.
- 07 Nov 2007 06:59
Changes: Session state is now saved and svmap supports sending INVITE to particular extensions. The rest of the changes are mostly bugfixes and stability improvements.
- 09 Oct 2007 10:15
Changes: Notable features include session support, which allows you to resume previous scans as well as store the results in database format. Previous results may be exported to various formats: PDF, XML (HTML), CSV, and plain text. Updating may be done easily by making use of subversion (svn update). The UI was improved. The help was made more intuitive. The output was cleaned. More debug information is shown when needed. Random scanning techniques were implemented.
- 05 Aug 2007 16:48
No changes have been submitted for this release.
