VoIP Information Gathering: Metasploit

Information gathering is the stage of a penetration test in which the attacker tries to collect as much information as possible about the target. This step is normally composed of footprinting and fingerprinting, but in the case of VoIP systems we should add extension enumeration to the list. During this last step the attacker attempts to obtain valid extensions/users of the target system.

Footprinting & Fingerprinting

My favourite tools for these jobs are FOCA and Nmap. It's a bit of a strange combination, but it works for me :). FOCA automates almost all of the "dirty job" and is the best at extracting metadata from public documents, while Nmap's flexibility lets me confirm everything that was discovered manually. Moreover, in the case of the SIP protocol, FOCA is also able to obtain more information from the target's DNS SRV records: they play a similar role for a call that MX records play for mail delivery. The next picture, taken from the blog of FOCA's "father", shows an example of them.

Figure: Adobe SRV reco
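To make the SRV comparison concrete, here is an added example (not code from the original post, and not part of FOCA or Nmap) that parses SIP SRV records in zone-file/`dig` format and orders the targets the way a SIP client would pick them under RFC 2782: lowest priority first, weighted random choice within the same priority. The sample records and hostnames are constructed placeholders, not real servers. From a defender's side the same parser lists which hosts, ports and transports the public SRV records disclose, which is exactly what a footprinting step learns from them.

```python
import random
import re
from collections import defaultdict

# Constructed sample of what `dig SRV _sip._udp.example.com` or a zone file
# would show for a SIP domain. All names are placeholders (assumption).
SAMPLE_SRV_RECORDS = """
_sip._udp.example.com. 3600 IN SRV 10 60 5060 sip1.example.com.
_sip._udp.example.com. 3600 IN SRV 10 40 5060 sip2.example.com.
_sip._udp.example.com. 3600 IN SRV 20 0 5060 sip-backup.example.com.
"""

# owner-name  TTL  IN  SRV  priority  weight  port  target
SRV_RE = re.compile(r"^(\S+)\s+(\d+)\s+IN\s+SRV\s+(\d+)\s+(\d+)\s+(\d+)\s+(\S+)$")


def parse_srv(text):
    """Parse SRV resource records (one per line) into dicts."""
    records = []
    for raw in text.strip().splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):  # skip blanks and dig comments
            continue
        m = SRV_RE.match(line)
        if not m:
            raise ValueError(f"not an SRV record: {line!r}")
        name, ttl, prio, weight, port, target = m.groups()
        records.append({
            "name": name.rstrip("."),
            "ttl": int(ttl),
            "priority": int(prio),
            "weight": int(weight),
            "port": int(port),
            "target": target.rstrip("."),
        })
    return records


def order_srv(records, seed=None):
    """Return records in the order a client should try them (RFC 2782):
    ascending priority; inside one priority, pick each next target with
    probability weight/total, so zero-weight targets come last."""
    rng = random.Random(seed)
    by_prio = defaultdict(list)
    for r in records:
        by_prio[r["priority"]].append(r)
    ordered = []
    for prio in sorted(by_prio):
        pool = list(by_prio[prio])
        while pool:
            total = sum(r["weight"] for r in pool)
            if total == 0:
                pick = rng.choice(pool)  # only zero weights left: any order
            else:
                n = rng.randint(0, total - 1)
                acc = 0
                for r in pool:
                    acc += r["weight"]
                    if n < acc:
                        pick = r
                        break
            pool.remove(pick)
            ordered.append(pick)
    return ordered


def exposed_endpoints(records):
    """What the published SRV records reveal: (host, port, transport),
    with the transport taken from the _sip._udp / _sip._tcp owner name."""
    out = set()
    for r in records:
        labels = r["name"].split(".")
        transport = labels[1].lstrip("_") if len(labels) > 1 else "unknown"
        out.add((r["target"], r["port"], transport))
    return sorted(out)


if __name__ == "__main__":
    recs = parse_srv(SAMPLE_SRV_RECORDS)
    for r in order_srv(recs, seed=1):
        print(f'{r["priority"]:>3} {r["weight"]:>3} {r["target"]}:{r["port"]}')
    print(exposed_endpoints(recs))
```

Run it as-is to see the client-side try order for the constructed zone; feed it the output of `dig +noall +answer SRV _sip._udp.yourdomain` to audit what your own domain publishes.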