A pentester must be able to identify whether it is possible to listen to the voice network using the following technique.
ARP Poisoning
The first step before implementing a Man??-in-the-Middle attack is to allow the routing of packets
Quote:echo 1> / proc/sys/net/ipv4/ip_forward
Now you can run a Man??-in-the-middle attack, in order to be able to intercept VoIP traffic This can be achieved very simply with the command below.:
![[Image: 6QxJUlp.png]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_t9cmbeSYPnHgjvUGOpNItLsBvvUtSVjeYqqfbHTovBhuDM5DP1VzFJXYfh2Y9UmHcD-K92guKWgTZIPY1PeHa9=s0-d)
Capture and decoding VoIP traffic
Now that traffic is being routed to your computer, you can use Wireshark to capture all SIP traffic. We are particularly interested in RTP packets as they contain the actual conversation in a VoIP call.
![[Image: MJ4n3bY.png]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_vtMXwgbVNfid9ehMzCxaMJZelOwMqOaC-8DIHAVIlAikwAmZnMIGeK_lgkK98nBqrDK9YPd075egGWYN9QNddf=s0-d)
Wireshark contains an embedded utility called VoIP, which can decode RTP data into a format playable audio.
![[Image: RbExP9b.png]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_t0owpxV75IisxjXhZUJGvu5vdRnw8rZiFcQk8y5xe1uK51Ls8KE5Oct1trKXPz9gAYmV3HopFs6CzMH4VnGzZUkg=s0-d)
Conclusion
As we have seen, is very easy and quick to listen to a phone conversation just by performing a MITM attack and have a tool like Wireshark to capture traffic. On ratings VoIP, the pentesters should attempt to implement this attack in order to identify whether listening is possible. To avoid this type of attack must use SRTP, which is a secure protocol and provides encryption of data being transferred
0 comentarii:
Trimiteți un comentariu