Fingerprinting VOIP services
We can fingerprint VOIP devices over a network using the SIP scanner modules that are built in to Metasploit. A commonly known SIP scanner is the SIP endpoint scanner. We can use this scanner to identify devices that are SIP-enabled by issuing the request for options from various SIP devices in the network.
Let's carry on with scanning VOIP using the options auxiliary module under /auxiliary/scanner/sip and analyze the results. The target here is a Windows XP system with the Asterisk PBX VOIP client running. We start by loading the auxiliary module for scanning SIP services over a network, as shown in the following screenshot:
We can see that we have plenty of options that we can use with the auxiliary/scanner/sip/options ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access