This Metasploit module exploits a directory traversal vulnerability which is present in Netgear SPH200D Skype telephone.
296b090de1a0b1c6c8f8e31f9ee0fbe9702722c43d2b8624d6001f8e19d9d16e
This Metasploit module exploits a vulnerability present in all versions of Telpho10 telephone system appliance. This Metasploit module generates a configuration backup of Telpho10, downloads the file and dumps the credentials for admin login, phpmyadmin, phpldapadmin, etc. This Metasploit module has been successfully tested on the appliance versions 2.6.31 and 2.6.39.
94e832c4a55946a0bafe2584caa72b0c8f7a000472011e442c2d49d287911a3f
An issue was discovered on TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices. It performs actions based on certain SMS commands. This can be used to set up a voice communication channel from the watch to any telephone number, initiated by sending a specific SMS and using the default password, e.g., pw,password,call,mobile_number triggers an outbound call from the watch. The password is sometimes available because of CVE-2019-20471.
c037e2ee83a5523ffd033fa937fdfb763b41df886c5224e3cf246b802481b761
Sippts is a set of tools to audit VoIP servers and devices using SIP protocol. It is programmed in Python script and it allows us to check the security of a VoIP server using SIP protocol, over UDP, TCP and TLS protocols.
c39fa34d085c0c332acd12f54b5016ced5d9dfc4d1687a6d231fee23f51a101e
Sippts is a set of tools to audit VoIP servers and devices using SIP protocol. It is programmed in Python script and it allows us to check the security of a VoIP server using SIP protocol, over UDP, TCP and TLS protocols.
3ede5028958a1effbe95fce1926ba0492f4dc037dcfa74011730bc24129aa41b
This repository contains several tools Project Zero uses to test iPhone messaging. It includes SmsSimulator: an SMS simulator for iPhone, iMessage: tools for sending and dumping iMessage messages, and imapiness: a fuzzer for IMAP clients. See the directory for each tool for further instructions and contact information. This is not an officially supported Google product. These tools were released and presented at BlackHat USA 2019.
fa8f560293640c4759f220069490d2498cf18f75ce1183b3ab8f77dd819585e5
SIPPTS is a set of tools to audit VoIP servers and devices using the SIP protocol. It is a set of perl scripts that allow you to identify extensions, remotely crack passwords, check for missing authentication to make phone calls, and more.
3b3b1fe11ef018073d9b9a1c65106f80b2f32f55cf4755c36a56b598a19853c2
NEC Univerge SV9100/SV8100 WebPro version 10.0 suffers from a remote configuration download vulnerability. The gzipped telephone system configuration file 'config.gz' or 'config.pcpx' that contains the unencrypted data file 'conf.pcpn', can be downloaded by an attacker from the root directory if previously generated by a privileged user.
6ec13406baf539fb83adb212bb192015cc4af93e431d8bb3179d2f34e0475af2
Jolla Phone with Sailfish OS versions 1.1.1.27 and below suffer from a telephone URI spoofing vulnerability.
1e5ea6ababa53a368f6ee034d8c4f08f4e032acffd627cadd356717cfecfc988
This whitepaper goes into detail on design and implementation details for performing voice encryption on telephone networks. Written in Spanish.
96654408957024ded313fec057b5f79be73443423be062807bec0d5dffc0bf05
GNU SIP Witch is a pure SIP-based office telephone call server that supports generic phone system features like call forwarding, hunt groups and call distribution, call coverage and ring groups, holding, and call transfer, as well as offering SIP rver, or an IP-PBX, and does not try to emulate Asterisk, FreeSWITCH, or Yate.
f82fb7fe0185bf5c2278fac46dcd75c361dd9b65b53a9aadacf52bdcaf58d951
The Aastra 6753i IP Telephone suffers from a hardcoded telnetd administrative password.
62d1199d353ae991c9baaa62acd28e5797451f8295d39267e3a0f2c29067e7fb
Secunia Security Advisory - A vulnerability has been reported in Cisco ATA 187 Analog Telephone Adaptor, which can be exploited by malicious people to compromise a vulnerable device.
a0cdfdffa79de6689f58d2969d9d72a7a598bdaa5599013adffb28301942ae4f
Cisco Security Advisory - Cisco ATA 187 Analog Telephone Adaptor firmware versions 9.2.1.0 and 9.2.3.1 contain a vulnerability that could allow an unauthenticated, remote attacker to access the operating system of the affected device. Cisco has available free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.
a44fd2ae255011f46fdf2f2dd21e8ae9bff6fff2f42ff72eaacd5943dc3fe15b
The Aastra 6753i IP telephone uses 3DES encrypted payloads in ECB mode to pass configuration files, allowing for modification to the phone's set up.
37afa236f204f396a881ea999505cdbd4d8047d6b315beac681e7afeab78a829
GNU SIP Witch is a pure SIP-based office telephone call server that supports generic phone system features like call forwarding, hunt groups and call distribution, call coverage and ring groups, holding, and call transfer, as well as offering SIP rver, or an IP-PBX, and does not try to emulate Asterisk, FreeSWITCH, or Yate.
fffa541c346b2d756f93b344a190f965c9b43b7dca0fb94043b81a9f64107cc1
The operating system your smartphone is running may be vulnerable to USSD commands that could wipe your entire phone. Tapping on a link to a cleverly coded web page could order you phone to reset itself to factory settings and disintegrate all your private data with it. Any Android phone running Phone.apk version 4.1 or lower is at risk and that's the broader base of them. Install Bitdefender's USSD Wipe Stopper to protect against such attacks. Now, once you would tap on a exploiting link, Bitdefender will intercept the wipe command and ask you to decide what to do next. You may, if unsure, dismiss the USSD command.
3cd59866b648b42e35402ab278852e5cc8501faa6680e4deda628dc5b5c0a8fc
This simple tool is useful to test a PABX with "allow guest" parameter set to "yes" (in this scenario an anonymous caller could place a call). The aim of the tool is to ring all the sip Terminal Equipment (phones).
6ba2d5b8e6fb19504e9f6dd8fae1bdcbe77e340e3053d3fc58575622138019d5
GNU SIP Witch is a pure SIP-based office telephone call server that supports generic phone system features like call forwarding, hunt groups and call distribution, call coverage and ring groups, holding, and call transfer, as well as offering SIP rver, or an IP-PBX, and does not try to emulate Asterisk, FreeSWITCH, or Yate.
bff01b00a04b4f8d246cef236da44a4b42ee12eab2af28f943e5c55dfca9f9ce
GNU SIP Witch is a pure SIP-based office telephone call server that supports generic phone system features like call forwarding, hunt groups and call distribution, call coverage and ring groups, holding, and call transfer, as well as offering SIP rver, or an IP-PBX, and does not try to emulate Asterisk, FreeSWITCH, or Yate.
b4b02f031240e624405bb78c70f1bf7bc072a81cb290c25606afecbe4600b6b5
GNU SIP Witch is a pure SIP-based office telephone call server that supports generic phone system features like call forwarding, hunt groups and call distribution, call coverage and ring groups, holding, and call transfer, as well as offering SIP rver, or an IP-PBX, and does not try to emulate Asterisk, FreeSWITCH, or Yate.
72da911bfc77431234e0bff1286afe803d438992f016d2dd1f846b745e94dabf
GNU SIP Witch is a pure SIP-based office telephone call server that supports generic phone system features like call forwarding, hunt groups and call distribution, call coverage and ring groups, holding, and call transfer, as well as offering SIP rver, or an IP-PBX, and does not try to emulate Asterisk, FreeSWITCH, or Yate.
f00861ee6f7e585ce9d2ae6ddb5901a650f59a99fd2152c83e5a17a2c9369cf7
GNU SIP Witch is a pure SIP-based office telephone call server that supports generic phone system features like call forwarding, hunt groups and call distribution, call coverage and ring groups, holding, and call transfer, as well as offering SIP rver, or an IP-PBX, and does not try to emulate Asterisk, FreeSWITCH, or Yate.
1788efed459f3c65d34a9c46fc689a46ce93e6565ae899162092325710b860ff
GNU SIP Witch is a pure SIP-based office telephone call server that supports generic phone system features like call forwarding, hunt groups and call distribution, call coverage and ring groups, holding, and call transfer, as well as offering SIP rver, or an IP-PBX, and does not try to emulate Asterisk, FreeSWITCH, or Yate.
3a312087d3ceb09926c6a460c4fed5913a2e96a9e5b326abb442dfcedfb23b45
SIPVicious tools address the need for traditional security tools to be ported to SIP. This package consists of a SIP scanner, a SIP wardialer, and a SIP PBX cracker. Written in Python.
1e25862cc9e81979e0d66e5fb298c8cfd17279e7dd683b1dd841dcf1dbc29cc8