Signals and Exit codes

Signals

Each tool responds to SIGINT by gracefully stopping whatever test is being done and writing results upon exit. This signal is typically mapped to Ctrl+C on most systems. This can be used to control limit tools to a certain maximum run duration, for example by making use of the timeout command.

The following is an example showing usage of SIPVicious together with GNU timeout, where it sends a SIGINT after 5 seconds, and kills the process if, for whatever reason, it does not exit 6 seconds after the SIGINT signal was sent:

timeout -k 6s -s INT 5s sipvicious sip crack online udp://demo.sipvicious.pro:5060 -e 1300 -r 1-99999999 --results out.json

Exit codes

Each SIPVicious tool will return an exit code that indicates the result of the test. The following exit codes are standard across each tool:

Code Description
0 hakuna matata
10 command syntax or flag related errors
20 catch-all of errors
30 network connectivity problems
40 security issue detected

In the case of security issues, each tool will define what constitutes a security issue. Please refer to the tool’s documentation to learn more about this. In the case of network connectivity issues, this is typically when the target system is not found to be responding, or, for example, the network is down. Similar to security issues, each tool may give a specific meaning to this exit code.

The following is an example of a bash script running SIPVicious PRO and checking the exit codes for errors:

#!/bin/bash
set -xu

do_test() {
    $2
    if [ $? -ne $1 ]; then exit 1; fi
}

do_test 40 "sipvicious rtp bleed udp://demo.sipvicious.pro -p35000-40000" 
do_test 0 "sipvicious rtp inject udp://demo.sipvicious.pro -p 35000-40000" 
do_test 0 "sipvicious rtp flood udp://demo.sipvicious.pro:5060 -e 1100 -u 1000:1500 --duration 1s"
do_test 40 "sipvicious sip crack online udp://demo.sipvicious.pro:5060 -e 1000 -r 1000-2000"
do_test 40 "sipvicious sip crack digestleak udp://demo.sipvicious.pro:5060 -e 2000"
do_test 40 "sipvicious sip enumerate extensions udp://demo.sipvicious.pro:5060"
do_test 0 "sipvicious sip enumerate methods udp://demo.sipvicious.pro:5060"
do_test 0 "sipvicious sip utils call udp://demo.sipvicious.pro:5060 -e 1400 -u 1000:1500 --caller-mode hangup-call:10s"
do_test 0 "sipvicious sip utils ping udp://demo.sipvicious.pro:5060 --max-requests 3"
do_test 0 "sipvicious sip utils ping udp://demo.sipvicious.pro:5060 -e 1000 --max-requests 3"
do_test 0 "sipvicious sip utils repeater udp://demo.sipvicious.pro:5060"

In this case, the script checks that particular vulnerabilities are detected by looking for exit code 40, to ensure that the demo server is functional. In the case of an automated system for testing an RTC product or service, it is likely that the script would be rewritten so that all tools should return exit code 0.