25 May 2011 | 10,160 views

SIPVicious Tool Suite v0.2.6 – SIP/VoIP Security Auditing Tool

Check Your Web Security with Acunetix

SIPVicious suite is a set of tools that can be used to audit SIP based VoIP systems. Why the name? Because the tools are not exactly the nicest thing on earth next to a SIP device. And the play on the sound seems to work. As an extra bonus, it rhymes with the name of Sex Pistol’s bass player.

It’s been a while since we wrote about SIPVicious, way back when it first came out in 2008 – SIPVicious v0.2.3 – VoIP/SIP Auditing Toolkit. It’s come a fair way since v0.2.3 so I thought it’s about time for an update (although v0.2.6 has been out since 2010), you can view the full ChangeLog here.

It currently consists of five tools:

  • svmap – this is a sip scanner. Lists SIP devices found on an IP range
  • svwar – identifies active extensions on a PBX
  • svcrack – an online password cracker for SIP PBX
  • svreport – manages sessions and exports reports to various formats
  • svcrash – attempts to stop unauthorized svwar and svcrack scans

Requirements

Python – SIPVicious works on any system that supports python 2.4 or greater.

There’s a good blog post covering the new stuff here too, mainly svcrash:

How to crash SIPVicious – introducing svcrash.py

You can download SIPVicious v0.2.6 here:

sipvicious-0.2.6.zip

Or read more here.



Recent in Hacking Tools:
- dirs3arch – HTTP File & Directory Brute Forcing Tool
- ODAT (Oracle Database Attacking Tool) – Test Oracle Database Security
- SHODAN – Expose Online Devices (Wind Turbines, Power Plants & More!)

Related Posts:
- SIPVicious v0.2.3 – VoIP/SIP Auditing Toolkit
- SpikeSource Spike PHP Security Audit Tool
- VIPER Lab’s VAST Live Distro – VoIP Security Testing LiveCD

Most Read in Hacking Tools:
- Top 15 Security/Hacking Tools & Utilities - 1,856,981 views
- Brutus Password Cracker – Download brutus-aet2.zip AET2 - 1,042,313 views
- wwwhack 1.9 – Download wwwhack19.zip Web Hacking Tool - 618,669 views

Advertise on Darknet

One Response to “SIPVicious Tool Suite v0.2.6 – SIP/VoIP Security Auditing Tool”

  1. Rafael Santana de Sousa 25 May 2011 at 7:30 pm Permalink

    Hey, thank you for this site.

    Can I ask you something? A have a site that blocks ‘_’. I found a SQL Injection there. It’s a MySQL 5.1 nut I not able to exploit this because of this damn filter. So i can’t run SELECT schema_name FROM information_schema.schemata; or SELECT table_schema,table_name FROM information_schema.tables WHERE table_schema != ‘mysql’ AND table_schema != ‘information_schema’, etc.

    Do you know any way to bypass this filter?

    Thank you