Sipflanker finds fulnerable Web GUIs deployed by IP phones and PBXs
- From: "Sergio Castro" <sergio.castro@xxxxxxxxxx>
- Date: Tue, 27 May 2008 15:00:03 -0500
Many (if not most) VoIP devices have available a Web GUI for their
configuration,
management, and report generation. These Web GUIs are often on default,
meaning that
the moment you install the IP phone or IP PBX, the Web GUI is immediately
available
on the network. And unfortunately it is also common for the username and
password
to have default values.
Sipflanker will help you find these SIP devices with potentially vulnerable
Web GUIs
in your network.
What the application does is search the range of IPs you specify, and checks
if port
5060 is available. Whether open or close, port usually 5060 indicates the
presence of a SIP
device. Then it checks if port 80 (http) is open. The combination of an open
port 80,
together with port 5060, either open or closed, signals a probable SIP
device with a Web GUI.
Sipflanker then proceeds to extract the website, and fingerprint the device.
You can find default passwords for IP phones at
http://www.infosegura.net/passwords.htm
You can download sipflanker at http://code.google.com/p/sipflanker/
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Top 5 Common Mistakes
in Securing Web Applications
Find out now! Get Webinar Recording and PPT Slides
www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------
- Follow-Ups:
- References:
- anti-spam appliance testing
- From: Bayu Notonegoro
- anti-spam appliance testing
- Prev by Date: Re: Identify rogue adsl modems routers in the network
- Next by Date: Re: Identify rogue adsl modems routers in the network
- Previous by thread: anti-spam appliance testing
- Next by thread: Re: Sipflanker finds fulnerable Web GUIs deployed by IP phones and PBXs
- Index(es):
