Skip to content


Jose Luis Verdeguer edited this page May 21, 2019 · 2 revisions

Sipcrack is a remote password cracker. Sipcrack can test passwords for several users in different IPs and port ranges.


Sipcrack allows us to:

  • Test remotely a list of users and passwords using REGISTER method.
  • Test users and passwords on a network range.
  • Use a prefix for extensions range (maybe user and extension is not the same).
  • Connect over UDP or TCP protocol.
  • Try UDP and TCP at the same time.
  • Resume a previous session.
  • Analyze responses using verbose mode.
  • Allow us to customize the UserAgent.


$ perl

SipCRACK - by Pepelux <>

Usage: perl -h <host> -w wordlist [options]
== Options ==
-e  <string>     = Extension (default from 100 to 1000)
-s  <integer>    = Source number (CallerID) (default: 100)
-d  <integer>    = Destination number (default: 100)
-r  <integer>    = Remote port (default: 5060)
-p  <string>     = Prefix (for extensions)
-proto <string>  = Protocol (UDP or TCP - By default: UDP)
-ip <string>     = Source IP (by default it is the same as host)
-resume          = Resume last session
-w               = Wordlist
-v               = Verbose (trace information)
-vv              = More verbose (more detailed trace)
  • Try to crack extensions from 100 to 1000 on port 5060.
perl -h -w wordlist
  • Try to crack extensions from user100 to user200 on network.
perl -h -e 100-200 -p user -w wordlist


$ perl -h -e 100-200 -w dictionary
Found match: - User: 100 - Pass: p3p3lux
Found match: - User: 101 - Pass: p3p3lux

IP address	Port	Proto   Exten	Pass
==========	====	=====   =====	====	5060	udp     100	p3p3lux	5060	udp     101	p3p3lux
You can’t perform that action at this time.