23 September 2008 | 7,439 views

ohrwurm – RTP Fuzzing Tool (SIP Phones)

Want to Learn Penetration Testing

ohrwurm is a small and simple RTP fuzzer, it has been tested it on a small number of SIP phones, none of them withstood the fuzzing.

Features:

  • reads SIP messages to get information of the RTP port numbers
  • reading SIP can be omitted by providing the RTP port numbers, so that any RTP traffic can be fuzzed
  • RTCP traffic can be suppressed to avoid that codecs learn about the “noisy line”
  • special care is taken to break RTP handling itself
  • the RTP payload is fuzzed with a constant BER
  • the BER is configurable
  • requires arpspoof from dsniff to do the MITM attack
  • requires both phones to be in a switched LAN (GW operation only works partially)

You can download ohrwurm 0.1 here:

ohrwurm-0.1.tar.bz2

Or read more here.

Post to Twitter Post to Facebook Post to Google Buzz Post to Delicious Post to Digg Post to Reddit Post to StumbleUpon


Tags: , , , , , , , , , , ,


# Posted in: Hacking Tools, Network Hacking, Programming | * Comments Off


Recent in Hacking Tools:
- Arachni v0.4 Released – High-Performance (Open Source) Web Application Security Scanner Framework
- Patator – Multi Purpose Brute Forcing Tool
- MySQLPasswordAuditor – Free MySQL Audit/Password Recovery & Cracking Tool

Related Posts:
- Browser Fuzzer 3 (bf3) – Comprehensive Web Browser Fuzzing Tool
- Keep on Fuzzing! Advice
- Fuzzled – PERL Fuzzing Framework

Most Read in Hacking Tools:
- Top 15 Security/Hacking Tools & Utilities - 1,627,804 views
- Brutus Password Cracker – Download brutus-aet2.zip AET2 - 897,188 views
- wwwhack 1.9 – Download wwwhack19.zip Web Hacking Tool - 503,725 views

Advertise on Darknet


Comments are closed.