WireBug is a set of tools for Voice-over-IP penetration testing. It is designed as a guide which makes it easy to use.
The tools are designed for individual use, so each tool is a single python or bash program.
Installation
Install the dependencies in requirements.txt and the python dependencies in requirements_python.txt. If you are experiencing problems to installation of netfilterqueue, you can download it from the source:
pip install -U git + https: //github.com/kti/python-netfilterqueue.git
Use configure.sh to download and create it Cisco Systems SRTP library.
Tools
- FullBridge: This is a simple bash script for creating a layer2 bridge with two defined interfaces.
- BridgeTrap: This script is useful in conjunction with the FullBridge tool. It will reflect the movement of the bridge (bridge) in a defined interface e.g. a raspberry pi with two interfaces for bridge and one as monitoring.
- DoubleEncapsulation: This python program will create a double packet ICMP and will send it to the destination – possible VLAN Hopping.
- TimeShift: Tool to respond to an NTP request in a man-in-the-middle position (also with FullBridge) with a past or future timestamp. You can easily check if the client (VoIP phone) checks the validity of the server certificate (SIPS, H.323s, HTTPS, LDAPS, etc.), or just use it as a DOS tool.
- VlanEnum: This bash script creates virtual 802.1Q interfaces with VLAN tags and waits for possible DHCP responses. If download was possible addresss IP, the interface will remain live, otherwise it will be deleted.
- SaCLaC: Includes two python programs. One for forging LLDP-MED packets to access the VoIP VLAN or to enable a DoS by instructing the client to set a VLAN tag and one to parse the CDP information of a PCAP file.
- DecodeSRTP: This script makes it easy to use SRTP library of Cisco systems to decrypt an SRTP-SDES stream if the AES key was extracted from the signal compartment.
- SIPCraft: This tool comes with some basic SIP messages (REGISTER, OPTIONS, CALL, BYE), but it is also for creating your own SIP message using the "- person" option. With this option you can save the SIP content to a plain text file and then forge it with the sip craft tool. The script supports TCP and UDP.
- CrackTheSIP: A simple brute force tool to break SIP digest authentication using a word list.
- ZRTPDowngrade: A tool for removing packages started with ZRTP in a man-in-the-middle position.
- EvilSTUN: A simple tool for fake STUN answers.
- SIPFuzz: A tool for SIP fuzzing.
- SIPEnum: This tool lists SIP extensions from a given file.
- SIPBrute: A tool for online brute force attacks against SIP proxies.
- RTPFuzz: A tool for removing random RTP packets (noise) in current streams.
Use
python3 wirebug.py
You can download the program from here.