Skip to content

Commit

Permalink
now making use of acks in response to INVITE responses
Browse files Browse the repository at this point in the history
  • Loading branch information
sandrogauc@gmail.com committed Dec 8, 2012
1 parent 7d19e8b commit 57258f8
Show file tree
Hide file tree
Showing 3 changed files with 29 additions and 14 deletions.
2 changes: 1 addition & 1 deletion Changelog
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
v0.2.8 (20121118)
* Bug fix: removed fingerprinting completely

* Change: moved pptable.py to libs/
* Change: moved pptable.py and svhelper to libs/

* Feature: man pages can be produced with --manpage

Expand Down
4 changes: 3 additions & 1 deletion libs/svhelper.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -444,6 +444,8 @@ def makeRequest(
headers = dict()
finalheaders = dict()
superheaders = dict()
if method == 'ACK':
localtag = None
if compact:
superheaders['v'] = 'SIP/2.0/UDP %s:%s;branch=z9hG4bK-%s;rport' % (srchost,port,branchunique)
headers['t'] = toaddr
Expand Down Expand Up @@ -863,7 +865,7 @@ def getasciitable(labels,db,resdb=None,width=60):
prefix='| ', postfix=' |',wrapfunc=lambda x: wrap_onspace(x,width))
return o

def outputtoxml(title,labels,db,resdb=None,xsl='sv.xsl'):
def outputtoxml(title,labels,db,resdb=None,xsl='resources/sv.xsl'):
from xml.sax.saxutils import escape
o = '<?xml version="1.0" ?>\r\n'
o += '<?xml-stylesheet type="text/xsl" href="%s"?>\r\n' % escape(xsl)
Expand Down
37 changes: 25 additions & 12 deletions svwar.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,15 +34,15 @@ class TakeASip:
def __init__(self,host='localhost',bindingip='',externalip=None,localport=5060,port=5060,
method='REGISTER',guessmode=1,guessargs=None,selecttime=0.005,
sessionpath=None,compact=False,socktimeout=3,initialcheck=True,
disableack=False,maxlastrecvtime=15, domain=None, printdebug=False,
enableack=False,maxlastrecvtime=15, domain=None, printdebug=False,
):
from libs.svhelper import dictionaryattack, numericbrute, packetcounter
import logging
self.log = logging.getLogger('TakeASip')
self.maxlastrecvtime = maxlastrecvtime
self.sessionpath = sessionpath
self.dbsyncs = False
self.disableack = disableack
self.enableack = enableack
if self.sessionpath is not None:
self.resultauth = anydbm.open(os.path.join(self.sessionpath,'resultauth'),'c')
try:
Expand Down Expand Up @@ -79,6 +79,8 @@ def __init__(self,host='localhost',bindingip='',externalip=None,localport=5060,p
self.nomore=False
self.BADUSER=None
self.method = method.upper()
if self.method == 'INVITE':
self.log.warn('using an INVITE scan on an endpoint (i.e. SIP phone) may cause it to ring and wake up people in the middle of the night')
if self.sessionpath is not None:
self.packetcount = packetcounter(50)
self.initialcheck = initialcheck
Expand Down Expand Up @@ -125,19 +127,24 @@ def __init__(self,host='localhost',bindingip='',externalip=None,localport=5060,p
# try with the next one.
SERVICEUN = 'SIP/2.0 503 '

def createRequest(self,m,username,auth=None,cid=None,cseq=1):
def createRequest(self,m,username=None,auth=None,cid=None,cseq=1,fromaddr=None,toaddr=None,contact=None):
from base64 import b64encode
from libs.svhelper import makeRequest
from libs.svhelper import createTag
if cid is None:
cid='%s' % str(random.getrandbits(32))
branchunique = '%s' % random.getrandbits(32)
localtag=createTag(username)
contact = 'sip:%s@%s' % (username,self.domain)
if not contact:
contact = 'sip:%s@%s' % (username,self.domain)
if not fromaddr:
fromaddr = '"%s"<sip:%s@%s>' % (username,username,self.domain)
if not toaddr:
toaddr = '"%s"<sip:%s@%s>' % (username,username,self.domain)
request = makeRequest(
m,
'"%s"<sip:%s@%s>' % (username,username,self.domain),
'"%s"<sip:%s@%s>' % (username,username,self.domain),
fromaddr,
toaddr,
self.domain,
self.dstport,
cid,
Expand Down Expand Up @@ -179,10 +186,10 @@ def getResponse(self):
except (ValueError,IndexError,AttributeError):
self.log.error("could not get the 1st line")
return
if not self.disableack:
if self.enableack:
# send an ack to any responses which match
_tmp = parseHeader(buff)
if 300 > _tmp['code'] >= 200:
if 699 > _tmp['code'] >= 200:
self.log.debug('will try to send an ACK response')
if not _tmp.has_key('headers'):
self.log.debug('no headers?')
Expand All @@ -201,12 +208,15 @@ def getResponse(self):
except IndexError:
self.log.warn('could not parse the from address %s' % _tmp['headers']['from'])
username = 'XXX'
cseq = _tmp['headers']['cseq'][0]
cseq = _tmp['headers']['cseq'][0].replace('INVITE','')
cid = _tmp['headers']['call-id'][0]
ackreq = self.createRequest('ACK',
username=username,
fromaddr = _tmp['headers']['from'][0]
toaddr = _tmp['headers']['to'][0]
ackreq = self.createRequest('ACK',
cid=cid,
cseq=cseq,
fromaddr=fromaddr,
toaddr=toaddr,
)
self.log.debug('here is your ack request: %s' % ackreq)
mysendto(self.sock,ackreq,(self.dsthost,self.dstport))
Expand Down Expand Up @@ -536,6 +546,9 @@ def start(self):
tmpsocket.connect(("msn.com",80))
options.externalip=tmpsocket.getsockname()[0]
tmpsocket.close()
enableack = False
if options.method.upper() == 'INVITE':
enableack = True
sipvicious = TakeASip(
host,
port=options.port,
Expand All @@ -547,7 +560,7 @@ def start(self):
sessionpath=exportpath,
initialcheck=initialcheck,
externalip=options.externalip,
disableack=True,
enableack=enableack,
maxlastrecvtime=options.maximumtime,
localport=options.localport,
domain=options.domain,
Expand Down

0 comments on commit 57258f8

Please sign in to comment.