GITBOOK-3876: change request with no subject merged in GitBook

CPol 2023-04-17 15:36:54 +00:00 committed by gitbook-bot
parent bef0b1cc79
commit 679bd88424
No known key found for this signature in database
GPG Key ID: 07D2180C7B12D0FF
1 changed files with 32 additions and 0 deletions

@ -225,6 +225,38 @@ It's possible to send these codes in **INFO SIP messages**, in **audio** or insi
multimon -a DTMF -t wac pin.wav
```
### Asterisks Misconfigurations
In Asterisk it's possible to allow a connection **from an specific IP address** or from **any IP address**:
```
host=10.10.10.10
host=dynamic
```
If an IP address is specified, the host **won't need to send REGISTER** requests every once in a while (in the REGISTER packet is sent the time to live, usually 30min, which means that in other scenario the phone will need to REGISTER every 30mins). However, it'll need to have open ports allowing connections from the VoIP server to take calls.
To define users they can be defined as:
* **`type=user`**: The user can only receive calls as user.
* **`type=friend`**: It's possible to perform calls as peer and receive them as user (used with extensions)
* **`type=peer`**: It's possible to send and receive calls as peer (SIP-trunks)
It's also possible to establish trust with the insecure variable:
* **`insecure=port`**: Allows peer connections validated by IP.
* **`insecure=invite`**: Doesn't require authentication for INVITE messages
* **`insecure=port,invite`**: Both
{% hint style="warning" %}
When **`type=friend`** is used, the **value** of the **host** variable **won't be used**, so if an admin **misconfigure a SIP-trunk** using that value, **anyone will be able to connect to it**.
For example, this configuration would be vulnerable:\
`host=10.10.10.10`\
`insecure=port,invite`\
`type=friend`
{% endhint %}
<details>
<summary><a href="https://cloud.hacktricks.xyz/pentesting-cloud/pentesting-cloud-methodology"><strong>☁️ HackTricks Cloud ☁️</strong></a><a href="https://twitter.com/carlospolopm"><strong>🐦 Twitter 🐦</strong></a> - <a href="https://www.twitch.tv/hacktricks_live/schedule"><strong>🎙️ Twitch 🎙️</strong></a> - <a href="https://www.youtube.com/@hacktricks_LIVE"><strong>🎥 Youtube 🎥</strong></a></summary>
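Review bot: in the warning hint at the end of the added section, the vulnerable example sets both `type=friend` and `insecure=port,invite`, but the text attributes the exposure only to `type=friend` ignoring `host`. State whether the `insecure` line is needed for anyone to be able to connect, and put the corrected trunk definition beside the vulnerable one (the list above gives `type=peer` as the SIP-trunk type) so an admin reading this can see what to change. Smaller points: the heading reads "Asterisks Misconfigurations" while the body says "Asterisk"; "from an specific IP address" should be "a specific"; "if an admin misconfigure" should be "misconfigures"; and the parenthetical about the REGISTER time to live is hard to parse and would read better as its own sentence.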