File sip-call-spoof

脚本使用类型: portrule
脚本所属分类: discovery, intrusive
脚本下载地址: http://nmap.org/svn/scripts/sip-call-spoof.nse

User Summary

Spoofs a call to a SIP phone and detects the action taken by the target (busy, declined, hung up, etc.)

This works by sending a fake sip invite request to the target phone and checking the responses. A response with status code 180 means that the phone is ringing. The script waits for the next responses until timeout is reached or a special response is received. Special responses include: Busy (486), Decline (603), Timeout (408) or Hang up (200).

Script Arguments

sip-call-spoof.from

Caller user ID. Defaults to Home.

sip-call-spoof.extension

SIP Extension to send request from. Defaults to 100.

sip-call-spoof.ua

Source application's user agent. Defaults to Ekiga.

sip-call-spoof.timeout

Time to wait for a response. Defaults to 5s

sip-call-spoof.src

Source address to spoof.

Example Usage

执行格式

nmap --script=sip-call-spoof -sU -p 5060 <targets>
nmap --script=sip-call-spoof -sU -p 5060 --script-args
'sip-call-spoof.ua=Nmap, sip-call-spoof.from=Boss' <targets>

Script Output

5060/udp open  sip
| sip-call-spoof: 
|_  Target hung up. (After 10.9 seconds)

Requires

• nmap
• shortport
• sip
• stdnse
• table

Author: Hani Benhabiles

License: VER007 整理 http://www.ver007.com