NAME
sipdump - Part of SIPcrack, A suite of tools to sniff and crack the
digest authentications within the SIP protocol.
SYNOPSIS
sipdump [options] <dump_file>
DESCRIPTION
This manual page documents briefly the sipdump tool
Session Initiation Protocol (SIP) is a protocol developed by the IETF
MMUSIC Working Group and is a proposed standard for initiating,
modifying, and terminating an interactive user session that involves
multimedia elements such as video, voice, instant messaging, online
games, and virtual reality.
In November 2000, SIP was accepted as a 3GPP signaling protocol and
permanent element of the IMS architecture. It is one of the leading
signalling protocols for Voice over IP, along with H.323. In most VOIP
solutions SIP is used to authenticate the SIPclient. The protocol is
documented inside the RFC at www.ietf.org/rfc/rfc3261.txt
SIPcrack is a SIP login sniffer/cracker that contains 2 programs:
sipdump to capture the digest authentication and sipcrack to bruteforce
the hash using a wordlist or standard input.
sipdump dumps SIP digest authentications. If a login is found, the
sniffed login is written to the dump file. See ’sipdump -h’ for
options.
sipcrack bruteforces the user’s password with the dump file generated
by sipdump. If a password is found, the sniffed and cracked login will
be updated in the dump file.
See ’sipcrack -h’ for options.
OPTIONS
A summary of options is included below.
-i interface,
interface to listen on
-p pcap_file,
use pcap data file
-m, enter login data manually
-f libpcap_filer ,
set libpcap filter
EXAMPLE
sipdump -i eth0 logins.dump
sipcrack -w mywordlist.txt logins.dump
SEE ALSO
sipcrack(1).
AUTHOR
sipdump was written by Martin J. Muench <mjm@codito.de>
This manual page was written by Sebastian Castillo Builes
<castillobuiles@gmail.com>, for the Debian project (but may be used by
others).
April 29, 2008