Participants : Mohamed Nassar [contact] , Olivier Festor.
VoIPbot is a VoIP security tool created as a demonstrator of how attacks can be launched against VoIP/SIP services and users in a remotely and distributed manner. The environment contains bots that can be remotely managed over an Internet Relay Chat (IRC) channel from a cental manager. Our bots are currently able to perform the following tasks :
send SPAM over IP Telephony (SPIT),
distributed denial of service through intensive generation of invite messages to a target device,
active scanning of users through incremental options messages issuance to servers and response analysis,
cracking through brute-force testing of passwords against an identified user account,
simple device scanning and fingerprinting,
target aware device fuzzing.
The tool is developed using the Java programming language. It uses the JAIN-SIP, JMF and PIRCBOT libraries. The tool is distributed under a GPL2 Open Source license. Reports show its use mainly in the testing business so far.