VideoJak – IP Video Security Assessment Tool


What is VideoJak?

VideoJak is an IP Video security assessment tool that can simulate a proof of concept DoS against a targeted, user-selected video session and IP video phone. VideoJak is the first of its kind security tool that analyzes video codec standards such as H.264.

VideoJak works by first capturing the RTP port used in a video conversation and analyzing the RTP packets, collecting the RTP sequence numbers and timestamp values used between the phones. Then VideoJak creates a custom video payload by changing the sequence numbers and timestamp values used in the original RTP packets between the two phones. After the user selects a targeted phone to attack in an ongoing video session, VideoJak delivers the payload over the learned RTP port against the target. This attack results in severely degraded video and audio quality.

Overview

VideoJak is designed in consideration of todays UC infrastructure implementions in which QoS requirements dictate the separation of data and VoIP/Video into discrete networks or VLANs. VideoJak is a proof of concept security assessment tool that can be used to test video applications. Future versions of the tool will support more exciting features.

Features

  • VLAN Discovery (CDP) and VLAN Hop
  • Call pattern tracking for SIP and SCCP signaling protocols
  • Audio codec (G.711u, G.722) and Video codec (H.263, H.264) support
  • Creates custom payload from H.263/H.264 packet capture
  • MitM functions and host management
  • Allows user to select ongoing video call from a menu
  • Allows user to select a targeted IP Phone for DoS within the video session
  • Enables the user to send the attack during an active, ongoing video call

You can download VideoJak here:

videojak-1.00.tar.gz

Or read more here.

Posted in: Hacking Tools, Networking Hacking, Privacy

, , , , ,


Latest Posts:


Sandcastle - AWS S3 Bucket Enumeration Tool Sandcastle – AWS S3 Bucket Enumeration Tool
Astra - API Automated Security Testing For REST Astra – API Automated Security Testing For REST
Astra is a Python-based tool for API Automated Security Testing, REST API penetration testing is complex due to continuous changes in existing APIs.
Judas DNS - Nameserver DNS Poisoning Attack Tool Judas DNS – Nameserver DNS Poisoning Attack Tool
Judas DNS is a Nameserver DNS Poisoning Attack Tool which functions as a DNS proxy server built to be deployed in place of a taken over nameserver to perform targeted exploitation.
dsniff Download - Tools for Network Auditing & Password Sniffing dsniff Download – Tools for Network Auditing & Password Sniffing
Dsniff download is a collection of tools for network auditing & penetration testing. Dsniff, filesnarf, mailsnarf, msgsnarf, URLsnarf, and WebSpy passively monitor a network
OWASP Amass - DNS Enumeration, Attack Surface Mapping & External Asset Discovery OWASP Amass – DNS Enumeration, Attack Surface Mapping & External Asset Discovery
The OWASP Amass Project is a DNS Enumeration, Attack Surface Mapping & External Asset Discovery tool to help information security professionals perform network mapping of attack surfaces.
Cameradar - Hack RTSP Video Surveillance CCTV Cameras Cameradar – Hack RTSP Video Surveillance CCTV Cameras
Cameradar is a Go-based tool to hack RTSP Video Surveillance CCTV Cameras, it can detect open RTSP hosts, detect device models and launch automated attacks.


Comments are closed.