The Session Initiation Protocol (SIP) is a signaling protocol used for initiating, maintaining, and terminating communication sessions that include voice, video and messaging applications.[1] SIP is used in Internet telephony, in private IP telephone systems, as well as mobile phone calling over LTE (VoLTE).[2]
- Session Initiation Protocol (Wikipedia)
- Practical VoIP Penetration Testing (Medium)
SIP Protocol
Requests
REGISTER
INVITE
ACK
BYE
CANCEL
UPDATE
REFER
PRACK
SUBSCRIBE
NOTIFY
PUBLISH
MESSAGE
INFO
OPTIONSSIP Client
IP=x.x.x.x
# Executes tests, sends messages, etc.
sipp $IPNmap NSE
ls -la /usr/share/nmap/scripts/*sip*-rw-r--r-- 1 root root 3627 Jan 9 23:24 /usr/share/nmap/scripts/sip-brute.nse
-rw-r--r-- 1 root root 6099 Jan 9 23:24 /usr/share/nmap/scripts/sip-call-spoof.nse
-rw-r--r-- 1 root root 8585 Jan 9 23:24 /usr/share/nmap/scripts/sip-enum-users.nse
-rw-r--r-- 1 root root 1652 Jan 9 23:24 /usr/share/nmap/scripts/sip-methods.nseEnumerate a SIP Server’s allowed methods (INVITE, OPTIONS, SUBSCRIBE, etc.)
nmap --script=sip-methods -sT -p 5060 $IP# UDP
sudo nmap --script=sip-methods -sU -p 5060 $IPSIPVicious
Installation
sudo apt install sipviciousEnumeration with svmap
svmap -p5060-5062 $IP -m INVITE