Features

Key features

SIPVicious PRO comes with various features that are critical when doing offensive security testing on RTC systems, including:

  • Various attacks, including SIP flood, RTP flood, SIP enumeration, Digest leak, RTP Bleed and RTP inject
  • Fuzzing to discover unknown vulnerabilities
  • Support for SIP over different transport protocols: TCP, UDP, TLS and WebSockets
  • Integration within QA automation systems, including CI/CD pipelines
  • A flexible templating system so that SIP messages may be easily modified
  • Support for RTP attacks
  • Insane speed, especially useful for flood attacks with rate limiting capabilities
  • Compliance to RFCs1

Tools included

The following tools are part of the current version of SIPVicious PRO:

Tool Description Documentation
sipvicious about Display information about the SIPVicious link
sipvicious list List all SIPVicious PRO tools link
sipvicious rtp bleed Detects and exploits the RTP Bleed vulnerability link
sipvicious rtp flood Floods the target with RTP packets link
sipvicious rtp inject Detects and exploits the RTP injection vulnerability link
sipvicious sip crack digestleak Reproduce the SIP Digest leak attack link
sipvicious sip crack online Launch an online SIP password cracking attack link
sipvicious sip dos flood SIP flood DoS attacks link
sipvicious sip enumerate extensions Perform a SIP extension enumeration attack link
sipvicious sip enumerate methods Identify which SIP methods are accepted by the target link
sipvicious sip fuzz method Perform a SIP method fuzzing attack link
sipvicious sip utils call Start a new call link
sipvicious sip utils callee Wait for calls and handle them link
sipvicious sip utils ping Ping the target using SIP link
sipvicious sip utils repeater Send a SIP message and display the response link
sipvicious sip utils templates dump Dump templates in a directory link
sipvicious sip utils templates test Test the template for a specific SIP method link
sipvicious utils dump autocomplete Dump autocomplete to stdout link
sipvicious utils dump configuration Dump an example configuration file link

Top automation features

The following are the key features that aid automation of SIPVicious PRO tests:

  • Process signal handling
  • Exit codes
  • Output results
  • Structured logging

For further details see the automation pages.

Protocol support

Protocol Standards
SIP RFC 3261, RFC 3665, RFC 5621, RFC 8760
SDP RFC 3264
SDES RFC 4568
RTP RFC 3550, RFC 3711, RFC 5761
DTLS RFC 4347, 6347, 5763, 5764
SIP TLS RFC 3261, RFC 5630
WebSocket RFC 6455, RFC 7118

Future plans

Our aim is to build tools that provide coverage of RTC systems. The following are features that will be added in future versions of SIPVicious PRO:

  • More fuzzing tools, especially:
    • RTP fuzzing
    • SIP call fuzzing
  • New SIP specific modules including:
    • XSS using SIP as injection vector
    • XML External Entity (XXE) vulnerability testing for SIP
    • SIP SQL and LDAP injection tests
    • Offline password cracking of SIP credentials
    • Slowloris denial of service testing adapted to SIP
    • STIR/SHAKEN fuzzing
    • STIR/SHAKEN specific tests
  • XMPP attacks, including:
    • Enumeration
    • DoS security tests
    • Online password cracking
    • manual testing tool
  • STUN / TURN attacks, including:
  • TCP specific tests, an extremely effective DoS tools
  • Custom signalling protocol support, especially useful for WebRTC support

  1. RFC compliance: especially concerning SIP and RTP. This applies unless the attack requires non-compliance! ↩︎