Navigation



XTest – VoIP Infrastructure Security Testing Tool

Last updated: September 9, 2015 | 4,828 views

What is XTest?

XTest is a simple, practical, and free, wired 802.1x supplicant security tool implementing the RFC 3847 EAP-MD5 Authentication method. It can be used to assess the password strength within wired ethernet environments that rely on 802.1x to protect IP Phones and the VoIP Infrastructure against rogue PC access. XTest is developed in C and freely available to anyone, under the GPLv3 license.
Why XTest?

XTest was developed with the specific aim of improving the security of environments that use 802.1x to protect IP Phone endpoints and their supporting VoIP Infrastructure. With the increasing prevalence of 802.1x Supplicant support in wired hard Phones, 802.1x will be increasingly used to ensure that remote IP Phones placed in areas with low physical security will have their directly connected ethernet switch ports secured against unauthorized access.

Furthermore, the tool can demonstrate the danger of relying solely on 802.1x, because the current wired 802.1x implementation only requires authentication when the port initially comes up/up. Subsequent packets are not authenticated, allowing an attacker to share a connection on a hub with the valid 802.1x supplicant, allowing unauthorized switchport access.

Features

  • 802.1x Supplicant: XTest can test the username and password against an 802.1x Authenticator (Ethernet Switch), and supports re-authentication. This is a simple and easy method of comparing the password against a valid 802.1x Supplicant running on an IP Phone or a PC.
  • Offline pcap dictionary attacK: If you capture a valid 802.1x authentication sequence into a pcap file, XTest will run a dictionary attack against the pcap using a supplied wordlist. XTest will elicit the password from the pcap if the dictionary file containst the valid password.
  • Shared Hub unauthorized access: Using a shared hub, XTest can use the successful authentication of a valid 802.1x supplicant to gain unauthorized access to the network.

Tested Platforms

802.1x Supplicants:

  • Cisco Unified IP Phone 7971G-GE
  • Cisco Unified IP Phone 7961G-GE
  • Cisco Unified IP Phone 7941G-GE
  • Cisco Unified IP Phone 7942G
  • Cisco Unified IP Phone 7945G

802.1x Authenticator:

  • Cisco Catalyst 3560 (WS-C3560G-24PS)

Radius Server:

  • CiscoSecure ACS 4.1

You can download XTest here:

xtest-1.0.tar

Or read more here.

Share
Tweet
Share
Share
Buffer
WhatsApp
Reddit
Flip
Vote
Email
0 Shares
Posted in: Hacking Tools, Networking Hacking

,


Latest Posts:


SecLists - Usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells SecLists – Usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place.
April 30, 2019 - 211 Shares
DeepSound - Audio Steganography Tool DeepSound – Audio Steganography Tool
DeepSound is an audio steganography tool and audio converter that hides secret data into audio files, the application also enables you to extract from files.
March 5, 2019 - 506 Shares
2019 High Severity Vulnerabilities What are the MOST Critical Web Vulnerabilities in 2019?
So what is wild on the web this year? Need to know about the most critical web vulnerabilities in 2019 to protect your organization?
February 27, 2019 - 230 Shares
GoBuster - Directory/File & DNS Busting Tool in Go GoBuster – Directory/File & DNS Busting Tool in Go
GoBuster is a tool used to brute-force URIs (directories and files) in web sites and DNS subdomains (inc. wildcards) - a directory/file & DNS busting tool.
February 25, 2019 - 242 Shares
BDFProxy - Patch Binaries via MITM - BackdoorFactory + mitmProxy BDFProxy – Patch Binaries via MiTM – BackdoorFactory + mitmproxy
BDFProxy allows you to patch binaries via MiTM with The Backdoor Factory combined with mitmproxy enabling on the fly patching of binary downloads
February 4, 2019 - 292 Shares
Domained - Multi Tool Subdomain Enumeration Domained – Multi Tool Subdomain Enumeration
Domained is a multi tool subdomain enumeration tool that uses several subdomain enumeration tools and wordlists to create a unique list of subdomains.
January 20, 2019 - 245 Shares


One Response to XTest – VoIP Infrastructure Security Testing Tool

  1. Gilberto September 13, 2008 at 12:38 am #

    Very nice (Y)