SIP digest leak – Metasploit module

Metasploit module for the SIP digest leak discovered by EnableSecurity. By sending a fake call to a phone, when the user hangs up a BYE message is sent back. If the reply is a 401/407 message the phone will send a second BYE with the digest token.

http://lab.mediaservice.net/code/sip_digest_leak.rb
MD5: 2a15b976098f1c42f60107e03d110089
SHA-1: e297d4b1fa12cc9bf5f78f31aaf9efa261eea7ff

Leave a Reply