SIPCrack – Session Initiation Protocol (SIP) is a protocol developed by the IETF MMUSIC Working Group and is a proposed standard for initiating, modifying, and terminating an interactive user session that involves multimedia elements such as video, voice, instant messaging, online games, and virtual reality.
SIPcrack is a SIP login sniffer/cracker that contains 2 programs: sipdump to capture the digest authentication and sipcrack to bruteforce the hash using a wordlist or standard input. sipdump dumps SIP digest authentications. If a login is found, the sniffed login is written to the dump file. See ‘sipdump -h’ for options. sipcrack bruteforces the user’s password with the dump file generated by sipdump. If a password is found, the sniffed and cracked login will be updated in the dump file. See ‘sipcrack -h’ for options.
sip crack [OPTIONS] [ -s | -w <wordlist> ] <dump file>
<dump file> = file containing logins sniffed by SIPdump Options: -s = use stdin for passwords -w wordlist = file containing all passwords to try -p num = print cracking process every n passwords (for -w) (ATTENTION: slows down heavily)
cyborg@cyborg:~$ sudo sipcrack -w test.txt logins.dump SIPcrack 0.3pre ( MaJoMu | www.codito.de ) ---------------------------------------- * Found Accounts: Num Server Client User Hash|Password 1 192.168.1.29 188.8.131.52 0950236158 dc59495f8eb78a605a2ad5d57835a383 * Select which entry to crack (1 - 1): 1 * Generating static MD5 hash... 04cd38e646e760da129f99fa734ac1e4 * Starting bruteforce against user '0950236158' (MD5: 'dc59445f8ef78a615a2ad4d57835a383') * Loaded wordlist: '~/exploits/dictionaries/test.txt' * Starting bruteforce against user '0950236158' (MD5: 'dc59445f8ef78a615a2ad4d57835a383') * Tried 10 passwords in 0 seconds * Found password: [email protected]' * Updating dump file 'logins.dump'... done