SIPVicious 0.2.7 released and rewrite coming up, looking for testers!

Get it now! This is the last release in the 0.2 series which fixes a number of stability issues and bugs before moving on to a total rewrite.

Are you a SIPVicious user? Get in contact if you have a VoIP lab or simply want to test the rewrite of SIPVicious. The internal version already includes support for TCP, TLS and IPv6 ;-)

The changelog for this one:

• Feature: svcrash.py has a new option -b which bruteforces the attacker’s port 
• Feature: svcrack.py now tries the extension as password by default, automatically 
• Feature: svcrack.py and svwar.py now support setting of source port 
• Feature: new parameter –domain can be passed to all tools which specifies a custom domain in the SIP uri instead of the destination IP 
• Feature: new –debug switch which shows the messages recieved 
• Bug fix: Sometimes nonces could not be extracted due to an incorrect regex 
• Bug fix: Fixed an unhandled exception when decoding tags 
• Bug fix: now using hashlib when available instead of md5 
• Bug fix: removed the space after the SIP address in the From header which led to newer version of Asterisk to ignore the SIP messages 
• Bug fix: dictionaries with new lines made svcrack.py stop without this fix 
• Change: renamed everything to start with sv 
• Bug fix: changed the way shelved files are opened by the fingerprinting module 
• Change: fingerprinting disabled by default since it was giving too many problems and very little benefits

Download SIPVicious from http://code.google.com/p/sipvicious/