SIPCrack

Description

SIPCrack – Session Initiation Protocol (SIP) is a protocol developed by the IETF MMUSIC Working Group and is a proposed standard for initiating, modifying, and terminating an interactive user session that involves multimedia elements such as video, voice, instant messaging, online games, and virtual reality.

SIPcrack is a SIP login sniffer/cracker that contains 2 programs: sipdump to capture the digest authentication and sipcrack to bruteforce the hash using a wordlist or standard input. sipdump dumps SIP digest authentications. If a login is found, the sniffed login is written to the dump file. See ‘sipdump -h’ for options. sipcrack bruteforces the user’s password with the dump file generated by sipdump. If a password is found, the sniffed and cracked login will be updated in the dump file. See ‘sipcrack -h’ for options.

Usage

Syntax

sip crack [OPTIONS] [ -s | -w <wordlist> ] <dump file>

Options

       <dump file>   = file containing logins sniffed by SIPdump 

       Options:                                                  
       -s            = use stdin for passwords                   
       -w wordlist   = file containing all passwords to try      
       -p num        = print cracking process every n passwords (for -w)
                       (ATTENTION: slows down heavily)

Example

cyborg@cyborg:~$ sudo sipcrack -w test.txt logins.dump

SIPcrack 0.3pre  ( MaJoMu | www.codito.de ) 
----------------------------------------

* Found Accounts:

Num	Server		Client		User	Hash|Password

1	192.168.1.29	212.27.52.5	0950236158	dc59495f8eb78a605a2ad5d57835a383

* Select which entry to crack (1 - 1): 1

* Generating static MD5 hash... 04cd38e646e760da129f99fa734ac1e4
* Starting bruteforce against user '0950236158' (MD5: 'dc59445f8ef78a615a2ad4d57835a383')
* Loaded wordlist: '~/exploits/dictionaries/test.txt'
* Starting bruteforce against user '0950236158' (MD5: 'dc59445f8ef78a615a2ad4d57835a383')
* Tried 10 passwords in 0 seconds

* Found password: [email protected]'
* Updating dump file 'logins.dump'... done

 

0 Comments

Leave a reply

CONTACT US

We're are building as a community and a team. Be a part of it.

Sending

©2017 Ztrela Knowledge Solutions Pvt. Ltd

Log in with your credentials

Forgot your details?