Section: Software

Voip bots

Participants : Mohamed Nassar [contact] , Olivier Festor.

VoIPbot is a VoIP security tool created as a demonstrator of how attacks can be launched against VoIP/SIP services and users in a remotely and distributed manner. The environment contains bots that can be remotely managed over an Internet Relay Chat (IRC) channel from a cental manager. Our bots are currently able to perform the following tasks :

• send SPAM over IP Telephony (SPIT),

• distributed denial of service through intensive generation of invite messages to a target device,

• active scanning of users through incremental options messages issuance to servers and response analysis,

• cracking through brute-force testing of passwords against an identified user account,

• simple device scanning and fingerprinting,

• target aware device fuzzing.

The tool is developed using the Java programming language. It uses the JAIN-SIP, JMF and PIRCBOT libraries. The tool is distributed under a GPL2 Open Source license. Reports show its use mainly in the testing business so far.