Navigation



XTest – VoIP Infrastructure Security Testing Tool

Last updated: September 9, 2015 | 4,796 views

Outsmart Malicious Hackers


What is XTest?

XTest is a simple, practical, and free, wired 802.1x supplicant security tool implementing the RFC 3847 EAP-MD5 Authentication method. It can be used to assess the password strength within wired ethernet environments that rely on 802.1x to protect IP Phones and the VoIP Infrastructure against rogue PC access. XTest is developed in C and freely available to anyone, under the GPLv3 license.
Why XTest?

XTest was developed with the specific aim of improving the security of environments that use 802.1x to protect IP Phone endpoints and their supporting VoIP Infrastructure. With the increasing prevalence of 802.1x Supplicant support in wired hard Phones, 802.1x will be increasingly used to ensure that remote IP Phones placed in areas with low physical security will have their directly connected ethernet switch ports secured against unauthorized access.

Furthermore, the tool can demonstrate the danger of relying solely on 802.1x, because the current wired 802.1x implementation only requires authentication when the port initially comes up/up. Subsequent packets are not authenticated, allowing an attacker to share a connection on a hub with the valid 802.1x supplicant, allowing unauthorized switchport access.

Features

  • 802.1x Supplicant: XTest can test the username and password against an 802.1x Authenticator (Ethernet Switch), and supports re-authentication. This is a simple and easy method of comparing the password against a valid 802.1x Supplicant running on an IP Phone or a PC.
  • Offline pcap dictionary attacK: If you capture a valid 802.1x authentication sequence into a pcap file, XTest will run a dictionary attack against the pcap using a supplied wordlist. XTest will elicit the password from the pcap if the dictionary file containst the valid password.
  • Shared Hub unauthorized access: Using a shared hub, XTest can use the successful authentication of a valid 802.1x supplicant to gain unauthorized access to the network.

Tested Platforms

802.1x Supplicants:

  • Cisco Unified IP Phone 7971G-GE
  • Cisco Unified IP Phone 7961G-GE
  • Cisco Unified IP Phone 7941G-GE
  • Cisco Unified IP Phone 7942G
  • Cisco Unified IP Phone 7945G

802.1x Authenticator:

  • Cisco Catalyst 3560 (WS-C3560G-24PS)

Radius Server:

  • CiscoSecure ACS 4.1

You can download XTest here:

xtest-1.0.tar

Or read more here.

Share
+1
Share
Shares 0
Posted in: Hacking Tools, Networking Hacking

,


Latest Posts:


StaCoAn - Mobile App Static Analysis Tool StaCoAn – Mobile App Static Analysis Tool
StaCoAn is a cross-platform tool which aids developers, bug bounty hunters and ethical hackers performing mobile app static analysis on the code of the application for both native Android and iOS applications.
April 24, 2018 - 97 Shares
snallygaster - Scan For Secret Files On HTTP Servers snallygaster – Scan For Secret Files On HTTP Servers
snallygaster is a Python-based tool that can help you to scan for secret files on HTTP servers, files that are accessible that shouldn't be public and can pose a s
April 17, 2018 - 175 Shares
Portspoof - Spoof All Ports Open & Emulate Valid Services Portspoof – Spoof All Ports Open & Emulate Valid Services
The primary goal of the Portspoof program is to enhance your system security through a set of new camouflage techniques which spoof all ports open and also emulate valid services on every port.
April 7, 2018 - 213 Shares
Cambridge Analytica Facebook Data Scandal Cambridge Analytica Facebook Data Scandal
One of the biggest stories of the year so far has been the scandal surrounding Cambridge Analytica that came out after a Channel 4 expose that demonstrated the depths they are willing to go to profile voters, manipulate elections and much more.
March 25, 2018 - 117 Shares
GetAltName - Discover Sub-Domains From SSL Certificates GetAltName – Discover Sub-Domains From SSL Certificates
GetAltName it's a little script to discover sub-domains that can extract Subject Alt Names for SSL Certificates directly from HTTPS websites which can provide you with DNS names or virtual servers.
March 19, 2018 - 262 Shares
Memcrashed - Memcached DDoS Exploit Tool Memcrashed – Memcached DDoS Exploit Tool
Memcrashed is a Memcached DDoS exploit tool written in Python that allows you to send forged UDP packets to a list of Memcached servers obtained from Shodan.
March 13, 2018 - 213 Shares


One Response to XTest – VoIP Infrastructure Security Testing Tool

  1. Gilberto September 13, 2008 at 12:38 am #

    Very nice (Y)