VOIPPACK 1.4 with added support for Cisco and Trixbox
Last week we distributed a new version of VOIPPACK with the following new tools: Cisco environment: vp_cucmjailbreak : Given an ssh username and password for CUCM’s restricted shell, this script creates a new root user and installs MOSDEF vp_ciscophonescanner : Searches for Cisco phones on the target network by using ... Read More
VOIPPACK update for February 2010 brings faster VoIP cracking and destruction
So it’s time to issue an update to VOIPPACK, with some new goodies! This update includes two new tools called “bypassalwaysreject” and “sipopenrelay” DoS exploits for Asterisk PBX called “asteriskdiscomfort”, “asterisksscanfdos” and “iax2resourceexhaust” Generic DoS exploit “sipinviteflood” Optimizations for the SIP Digest leak tool “sipdigestleak” and the SIP digest cracker ... Read More
WAF research media coverage and a response to Imperva
Our presentation at OWASP Europe in Krakow on Web Application Firewall shortcomings was featured on Darkreading, and Wendel was quoted in the article. Other sites and blogs (such as Heise) also mentioned the presentation. Imperva’s (which happens to be a WAF vendor) blog had some comments about the presentation as ... Read More
VOIPPACK for April adds Asterisk scanning, leaking phones and Troopers09
Announcing the VOIPPACK April edition supporting IAX2 and can now scan Asterisk servers. Because the feedback for sipautohack was great, we included a similar tool for the Asterisk protocol called iax2autohack in the April edition of VOIPPACK. The following are the new tools avialable in this update: iax2enumerate which like ... Read More
