Tuesday, May 24, 2016

New Mascot and Tshirts!! and .. Kamailio World 2016 - 9 Years Of Friendly Scanning And Vicious SIP

On the presentation

Last week I had the pleasure of presenting something new at Kamailio World 2016. Great community and excellent feedback!

The presentation went through the following:
  • How and why SIPVicious was originally written and published
  • Those strange emails and phone calls asking for special version ;-)
  • RIPE's 1.1.1.0/24 experiment and how it was interesting in terms of SIP security
  • Sality pushing modified versions of SIPVicious
  • Attackers making use of insecure Tandberg systems to install SIPVicious
  • SVCrash - why it was published and how it worked
  • Security updates from the VoIP and PBX industry
  • Rewriting SIPVicious (various fails)
  • What happened since then and what I've been using during VoIP pentests that involve SIP
  • 2016, yet another rewrite on the way
  • New features in this latest rewrite attempt and how they show some important security issues

Some parts were sped up due to the limited time that I had for my presentation, but I think the main points were delivered. If you missed the conference, you can watch the video on Youtube.


T-shirts, mugs, hoodies and fluffy pillows

Oh and about those t-shirts - just published the new SIPVicious mascot design, gave away some swag and they ran out within minutes. So I decided to make it available to anyone who needs to have the friendly-scanner punk all to him or herself! Check out the Spreadshirt shop here.

Note to Finanzamt and any related entities:
I have removed any commission so that I get no financial profit out of this. Zero. Nil. 





Friday, May 13, 2016

Time flies! A summary of updates for the past few years and Kamailio World!

I just realised that I have not updated this blog since ages even if we have done some really cool stuff with SIP during that time. Unfortunately, many of the specifics are (to a certain extent) behind non-disclosure agreements.



However, here is a list of stuff that happened that has to do with SIPVicious (or not):

  • There was a release back in 20121210, v0.2.8
  • Like everyone else, we moved to Github
  • There were a number of bug fixes that one can get by using the repository version (see the commits)
  • And .. no rewrite has been published yet! but a new one is being worked on and it should prove pretty useful (once available).
  • A number of new VoIP security tools have been made public, including:
    • Bluebox-ng (unmaintained)
    • Viproy (VoIP Penetration Testing and Exploitation Kit)
    • vsaudit (VOIP Security Audit Framework)
In other news, I'll be presenting at Kamailio World 2016 in Berlin, with the title: A look back at 9 years of friendly scanning and Vicious SIP