Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: [NSE] sip-extensions.nse
From: Patrik Karlsson <patrik () cqure net>
Date: Fri, 29 Jun 2012 22:07:05 +0200

On Fri, Jun 29, 2012 at 9:41 PM, Hani Benhabiles <kroosec () gmail com> wrote:

Hi list,

description = [[
Scans a numeric range of SIP extensions to find valid ones.

The script works by sending REGISTER SIP requests to the server with the
specified extension number and checking for the response status code in
order
to know if an extension is valid. If a response status code is 401 or
407, it means that the extension is valid and requires authentication. If
the
response status code is 200, it means that the extension exists and doesn't
require any authentication while a 403 response status code means that
extension exists but access is forbidden. To skip false positives, the
script
begins by sending a REGISTER request for a random extension and checking
for
response status code.
]]

---
-- () args sip-extensions.minext Extension value to start enumeration from.
--  Defaults to <code>0</code>.
--
-- () args sip-extensions.maxext Extension value to end enumeration at.
--  Defaults to <code>999</code>.
--
-- () args sip-extensions.padding Number of digits to pad zeroes up to.
--  Defaults to <code>0</code>. No padding if this is set to zero.
--
-- () args sip-extensions.threads Number of threads to use.
--  Defaults to <code>1</code>.
--
-- () usage
-- nmap --script=sip-extensions -sU -p 5060 <targets>
--
-- nmap --script=sip-extensions -sU -p 5060 <targets>
-- script-args sip-extensions.padding=4, sip-extensions.minext=1000,
-- sip-extensions.maxext=9999
--
-- () output
-- 5060/udp open sip
-- | sip-extensions:
-- |   101 : Authentication required.
-- |   112 : Authentication required.
-- |_  150 : No authentication.


--
Hani Benhabiles

Twitter: https://twitter.com/#!/kroosec
Blog: http://kroosec.blogspot.com


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


Hi Hani,
There seems to be some overlap here with sip-enum-users?
Or am I missing something?

Cheers,
//Patrik

-- 
Patrik Karlsson
http://www.cqure.net
http://twitter.com/nevdull77
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]