VideoJak – IP Video Security Assessment Tool


What is VideoJak?

VideoJak is an IP Video security assessment tool that can simulate a proof of concept DoS against a targeted, user-selected video session and IP video phone. VideoJak is the first of its kind security tool that analyzes video codec standards such as H.264.

VideoJak works by first capturing the RTP port used in a video conversation and analyzing the RTP packets, collecting the RTP sequence numbers and timestamp values used between the phones. Then VideoJak creates a custom video payload by changing the sequence numbers and timestamp values used in the original RTP packets between the two phones. After the user selects a targeted phone to attack in an ongoing video session, VideoJak delivers the payload over the learned RTP port against the target. This attack results in severely degraded video and audio quality.

Overview

VideoJak is designed in consideration of todays UC infrastructure implementions in which QoS requirements dictate the separation of data and VoIP/Video into discrete networks or VLANs. VideoJak is a proof of concept security assessment tool that can be used to test video applications. Future versions of the tool will support more exciting features.

Features

  • VLAN Discovery (CDP) and VLAN Hop
  • Call pattern tracking for SIP and SCCP signaling protocols
  • Audio codec (G.711u, G.722) and Video codec (H.263, H.264) support
  • Creates custom payload from H.263/H.264 packet capture
  • MitM functions and host management
  • Allows user to select ongoing video call from a menu
  • Allows user to select a targeted IP Phone for DoS within the video session
  • Enables the user to send the attack during an active, ongoing video call

You can download VideoJak here:

videojak-1.00.tar.gz

Or read more here.

Posted in: Hacking Tools, Networking Hacking, Privacy

, , , , ,


Latest Posts:


truffleHog - Search Git for High Entropy Strings with Commit History truffleHog – Search Git for High Entropy Strings with Commit History
truffleHog is a Python-based tool to search Git for high entropy strings, digging deep into commit history and branches. This is effective at finding secrets accidentally committed.
AIEngine - AI-driven Network Intrusion Detection System AIEngine – AI-driven Network Intrusion Detection System
AIEngine is a next-generation interactive/programmable Python/Ruby/Java/Lua and Go AI-driven Network Intrusion Detection System engine with many capabilities.
Sooty - SOC Analyst All-In-One CLI Tool Sooty – SOC Analyst All-In-One CLI Tool
Sooty is a tool developed with the task of aiding a SOC analyst to automate parts of their workflow and speed up their process.
UBoat - Proof Of Concept PoC HTTP Botnet Project UBoat – Proof Of Concept PoC HTTP Botnet Project
UBoat is a PoC HTTP Botnet designed to replicate a full weaponised commercial botnet like the famous large scale infectors Festi, Grum, Zeus and SpyEye.
LambdaGuard - AWS Lambda Serverless Security Scanner LambdaGuard – AWS Lambda Serverless Security Scanner
LambdaGuard is a tool which allows you to visualise and audit the security of your serverless assets, an open-source AWS Lambda Serverless Security Scanner.
exe2powershell - Convert EXE to BAT Files exe2powershell – Convert EXE to BAT Files
exe2powershell is used to convert EXE to BAT files, the previously well known tool for this was exe2bat, this is a version for modern Windows.


Comments are closed.