forked from EnableSecurity/sipvicious
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Changelog
199 lines (144 loc) · 8.16 KB
/
Changelog
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
v0.2.8 (20121210)
* Feature: INVITE sends a BYE and supports ACK
* Feature: man pages can be produced with --manpage and man pages are included
* Bug fix: removed fingerprinting completely
* Change: moved pptable.py and svhelper to libs/
* Change: Number of changes to adhere to Debian's guidelines (copyright/license notices etc)
* Bug fix: fixed an svcrack unhandled exception
v0.2.7 (20120222)
* Feature: svcrash.py has a new option -b which bruteforces the attacker's port
* Feature: svcrack.py now tries the extension as password by default, automatically
* Feature: svcrack.py and svwar.py now support setting of source port
* Feature: new parameter --domain can be passed to all tools which specifies
a custom domain in the SIP uri instead of the destination IP
* Feature: new --debug switch which shows the messages received
* Bug fix: Sometimes nonces could not be extracted due to an incorrect regex
* Bug fix: Fixed an unhandled exception when decoding tags
* Bug fix: now using hashlib when available instead of md5
* Bug fix: removed the space after the SIP address in the From header which
led to newer version of Asterisk to ignore the SIP messages
* Bug fix: dictionaries with new lines made svcrack.py stop without this fix
* Change: renamed everything to start with sv*
* Bug fix: changed the way shelved files are opened by the fingerprinting module
* Change: fingerprinting disabled by default since it was giving too many problems
and very little benefits
v0.2.6 (20100621)
* Feature: svcrash.py is a new tool for sending messages that crash svwar and
svcrack
* Bug fix: helper.py has been fixed when decoding the tags (svcrash abuses
this issue)
v0.2.5 (20100519)
* Feature: svwar.py has "scan for default / typical extensions" option. This
option tries to guess numeric extensions which have certain patterns
such as 1212 etc. Option is -D, --enabledefaults
* General: svwar.py and svcrack.py now have a new option which allows you to set
how long the tools will scan without receiving any response back.
This allows us to prevent flooding the target. Some PBX servers now
have built-in firewalls / intrusion prevention systems which will
blacklist the IP address of anyone using svwar or svcrack. Therefore
if the IP is blacklisted it makes sense to stop scanning the target.
The default for this option is 10 seconds. Set this option by using
--maximumtime [seconds]
* Removed: svlearnfp.py is now discontinued. The tool is still included for
historic reasons but disabled.
* Feature: svmap.py now includes the following new features:
--debug - shows messages as they are received (useful for
developers)
--first - scans the first X number of hosts, useful for
random or large address pool scanning
--inputtext - scans IP ranges taken from a text file
--fromname - sets the from header to something specific
useful for abusing other security issues or
when svmap is used in a more flexible way
then usual ;-)
* Feature: svreport.py now has two new modes:
- stats, which lists some statistics
- search, allows you to search through logs looking for
specific user agents
* Bug fix: svwar.py now by default does not send ACK messages (was a buggy feature
that did not follow the standard)
* Bug fix: svwar.py - the template passed through --template option is now checked
sanity.
v0.2.4
* Feature: svwar.py can now scan for templated numbers. This allows more flexible
usage of ranges of numbers, allowing for prefixes and suffixes as
need be ;-)
* Bug fix: svwar.py now sends ACK to be nice to other devices.
* Bug fix: each tag is padded with a unique 32 bit
* Bug fix: Contact header is always added to the request to always send well
formed SIP requests
* Bug fix: Large data is sent fragmented now (mysendto)
* Bug fix: svwar.py now handles new SIP response codes
v0.2.3
* Feature: Fingerprinting support for svmap. Included fphelper.py and
3 databases used for fingerprinting.
* Feature: Added svlearnfp.py which allows one to add new signatures to
db and send them to the author.
* Feature: Added DNS SRV check to svmap. Use ./svmap.py --srv domainname.com
to give it a try
v0.2.svn
* Feature: added the ability for svreport to count results when doing a list
* Bug fix: fixed a bug related to resuming a scan which does not have an
an extension
v0.2.1 (maintenance)
General:
* Feature: updated the report function to include more information about
the system. Python version and operating system is now included
in the bug report. option now supports optional feedback.
* Feature: Store information about the state of a session. Sessions can be
complete or incomplete, so that you can resume incomplete sessions
but not complete ones.
* Feature: Added -e option to svmap. Allows you to specify an extension. This
is useful when using -m INVITE options on a SIP phone.
* Bug fix: Added a check to make sure that the python version is supported.
Anything less than version 2.4 is not supported
* Bug fix: IP in the SIP msg was being set to localhost when not explicitly
set. This is not correct behavior and was fixed. As a result of this
behavior some devices, such as Grandstream BT100 were not being detected.
Thanks to robert&someone from bulgaria for reporting this
* Bug fix: fixed a bug in the database which was reported anonymously via the --reportback / -R option.
Thanks whoever reported that. Bug concerns the dbm which does not
support certain methods supported other database modules referenced
by anydbm. Reproduced on FreeBSD. Thanks to Anthony Williams for help i
dentifying this
* Bug fix: Ranges of extensions in svwar could not take long numeric extensions
(xrange does not support long / large numbers). Thanks to Joern for reporting this
* Bug fix: svwar was truncating extension names containing certain characters. Fixed.
* Bug fix: when binding to a specific interface, the IP within the SIP message could be incorrect (when there are multiple interfaces). This has been fixed.
* Cosmetic: Certain PBXs reply with "603 Declined" when svwar finds that the
extension does not exist. This creates extra noise. It is now being
suppressed.
v0.2
General:
* Feature: replaced 3rd party functions in ip4range with our functions in helper.py
* Feature: ReportBack function is off by default but can be enabled by using -R option
* Feature: verbose and quiet mode. Now making use of logging module
* Newtool: svreport - export to csv, pdf, xml and plain text.
* Feature: session / database support. This allows two things:
- resuming of previous scans
- exporting the results to more meaningful formats
* Feature: give a warning when the default port is already being used and listen on another port
Svmap:
* Feature: Host arguments now accepts a variety of formats. You can now scan using ranges like the following:
- 1.1.1.1-20 1.1.1-20.1-10
- 1.1.1.*
- 1.1.1.1-1.1.2.20
- sipvicious.org/22
* Bug fix: Generation of hosts to scan is now dynamic and does not slow down startup time
* Feature: Now making use of the standard logging module with more logging to debug problems
* Feature: When the port is already bound, svmap tries to listen on another port
* Feature: Added options to allow you to specify the ip to bind to as well as the external ip address of the scanner
* Feature: --help now shows proper usage
* Feature: New scanning method - random scan! This scans only valid internet address space.
* Feature: Randomize scan. Allows you to randomize the order of the IP addresses to be scanned.
Svwar:
* Bug fix: Svwar was missing valid extensions (false negatives) - fixed
* Bug fix: Logic bug which did not identify between a server that does not respond and one that sends an unexpected response.
* Bug fix: Fixed description of errors and usage
Svcrack:
* General: --help output was updated to match the other tools.
Svreport:
* General: was born. Allows managing of saved sessions and exporting to different file formats.
* Feature: Reverse name lookup for ip addresses
v0.1
First release.