diff options
-rw-r--r-- | .SRCINFO | 23 | ||||
-rw-r--r-- | PKGBUILD | 48 | ||||
-rw-r--r-- | sipvicious.changelog | 192 | ||||
-rw-r--r-- | sipvicious.install | 26 |
4 files changed, 233 insertions, 56 deletions
@@ -1,16 +1,15 @@ pkgbase = sipvicious - pkgdesc = Tools for auditing SIP devices - pkgver = 0.2.8 + pkgdesc = Set of security tools that can be used to audit SIP based VoIP systems + pkgver = 0.3.4 pkgrel = 1 - url = http://blog.sipvicious.org - install = sipvicious.install - arch = i686 - arch = x86_64 - license = GPLv2 - depends = python2 - conflicts = sipvicious-svn - source = http://sipvicious.googlecode.com/files/sipvicious-0.2.8.tar.gz - sha1sums = a243ee01a23d7a6305d170213f2a8675820a0df6 + url = https://github.com/EnableSecurity/sipvicious + changelog = sipvicious.changelog + arch = any + license = GPL3 + makedepends = python-setuptools + depends = python>=3.6 + optdepends = python-scapy: allow svcrash to crash SIPVicious toolset + source = sipvicious-0.3.4.tar.gz::https://github.com/EnableSecurity/sipvicious/archive/refs/tags/v0.3.4.tar.gz + b2sums = 75f3d190cb4224ada84cd7c714eb545e44a9759589890a559d3cb5243c5430c0aa81138e3cd294926901e961a5ec156c8d991b648c70e1d8fc2dc906473d507d pkgname = sipvicious - @@ -1,27 +1,39 @@ -# Maintainer: Xavier Devlamynck <magicrhesus@ouranos.be> +# Maintainer: Qontinuum <qontinuum.dev@protonmail.ch> +# Contributor: GI_Jack <iamjacksemail@hackermail.com> +# Contributor: Xavier Devlamynck <magicrhesus@ouranos.be> pkgname=sipvicious -pkgver=0.2.8 +pkgver=0.3.4 pkgrel=1 -pkgdesc="Tools for auditing SIP devices" -arch=('i686' 'x86_64') -url="http://blog.sipvicious.org" -license=('GPLv2') -depends=('python2') -install=sipvicious.install -source=("http://sipvicious.googlecode.com/files/${pkgname}-${pkgver}.tar.gz") -conflicts=('sipvicious-svn') -sha1sums=('a243ee01a23d7a6305d170213f2a8675820a0df6') +pkgdesc="Set of security tools that can be used to audit SIP based VoIP systems" +arch=('any') +url="https://github.com/EnableSecurity/sipvicious" +license=('GPL3') +depends=('python>=3.6') +optdepends=('python-scapy: allow svcrash to crash SIPVicious toolset') +makedepends=('python-setuptools') +changelog=$pkgname.changelog +source=("$pkgname-$pkgver.tar.gz::https://github.com/EnableSecurity/sipvicious/archive/refs/tags/v$pkgver.tar.gz") +b2sums=('75f3d190cb4224ada84cd7c714eb545e44a9759589890a559d3cb5243c5430c0aa81138e3cd294926901e961a5ec156c8d991b648c70e1d8fc2dc906473d507d') + +prepare() { + cd "$srcdir/$pkgname-$pkgver" + + sed -i "s/sipvicious_//" setup.py +} build() { - msg "No build..." + cd "$srcdir/$pkgname-$pkgver" + + python setup.py build } package() { - cd ${srcdir}/${pkgname}-${pkgver} - chmod 755 *.py - sed -i "s:/usr/bin/env python:/usr/bin/env python2:" *.py - install -d -m 755 ${pkgdir}/usr/bin - install -d -m 755 ${pkgdir}/usr/share - mv ${srcdir}/${pkgname}-${pkgver} ${pkgdir}/usr/share/${pkgname} + cd "$srcdir/$pkgname-$pkgver" + + python setup.py install -O2 --skip-build --root="$pkgdir" + + for man in man1/*; do + install -Dvm644 $man "$pkgdir/usr/share/man/man1/$man" + done } diff --git a/sipvicious.changelog b/sipvicious.changelog new file mode 100644 index 000000000000..ae32db5b14d9 --- /dev/null +++ b/sipvicious.changelog @@ -0,0 +1,192 @@ +v0.3.4 (20210601) +* Feature: Exit codes implementation +* Automated positive/negative testing with GitHub Actions +* Code refactoring + +v0.3.3 (20210325) +* Feature: Input via STDIN for svcrack and svwar +* Feature: Full URL format support for svwar and svcrack +* Code refactoring + +v0.3.2 (20210303) +* Feature: IPv6 support to svmap +* Bug fix: auth header exception handling +* Bug fix: relative import error fixes +* github issue templates for proper structured issue reporting +* supplementary bug fixes as and when reported + +v0.3.0 (20200129) +* Port to Python 3! thanks to 0xInfection +* IPv6 support for svwar and svcrack +* svcrack now takes the --method option too +* qop and md5-sess auth support added +* lots of bug fixes + +v0.2.8 (20121210) +* Feature: INVITE sends a BYE and supports ACK +* Feature: man pages can be produced with --manpage and man pages are included +* Bug fix: removed fingerprinting completely +* Change: moved pptable.py and svhelper to libs/ +* Change: Number of changes to adhere to Debian's guidelines (copyright/license notices etc) +* Bug fix: fixed an svcrack unhandled exception + +v0.2.7 (20120222) +* Feature: svcrash.py has a new option -b which bruteforces the attacker's port +* Feature: svcrack.py now tries the extension as password by default, automatically +* Feature: svcrack.py and svwar.py now support setting of source port +* Feature: new parameter --domain can be passed to all tools which specifies + a custom domain in the SIP uri instead of the destination IP +* Feature: new --debug switch which shows the messages received +* Bug fix: Sometimes nonces could not be extracted due to an incorrect regex +* Bug fix: Fixed an unhandled exception when decoding tags +* Bug fix: now using hashlib when available instead of md5 +* Bug fix: removed the space after the SIP address in the From header which + led to newer version of Asterisk to ignore the SIP messages +* Bug fix: dictionaries with new lines made svcrack.py stop without this fix +* Change: renamed everything to start with sv* +* Bug fix: changed the way shelved files are opened by the fingerprinting module +* Change: fingerprinting disabled by default since it was giving too many problems + and very little benefits + +v0.2.6 (20100621) +* Feature: svcrash.py is a new tool for sending messages that crash svwar and + svcrack +* Bug fix: helper.py has been fixed when decoding the tags (svcrash abuses + this issue) + +v0.2.5 (20100519) +* Feature: svwar.py has "scan for default / typical extensions" option. This + option tries to guess numeric extensions which have certain patterns + such as 1212 etc. Option is -D, --enabledefaults + +* General: svwar.py and svcrack.py now have a new option which allows you to set + how long the tools will scan without receiving any response back. + This allows us to prevent flooding the target. Some PBX servers now + have built-in firewalls / intrusion prevention systems which will + blacklist the IP address of anyone using svwar or svcrack. Therefore + if the IP is blacklisted it makes sense to stop scanning the target. + The default for this option is 10 seconds. Set this option by using + --maximumtime [seconds] +* Removed: svlearnfp.py is now discontinued. The tool is still included for + historic reasons but disabled. +* Feature: svmap.py now includes the following new features: + --debug - shows messages as they are received (useful for + developers) + --first - scans the first X number of hosts, useful for + random or large address pool scanning + --inputtext - scans IP ranges taken from a text file + --fromname - sets the from header to something specific + useful for abusing other security issues or + when svmap is used in a more flexible way + then usual ;-) +* Feature: svreport.py now has two new modes: + - stats, which lists some statistics + - search, allows you to search through logs looking for + specific user agents +* Bug fix: svwar.py now by default does not send ACK messages (was a buggy feature + that did not follow the standard) +* Bug fix: svwar.py - the template passed through --template option is now checked + sanity. + +v0.2.4 +* Feature: svwar.py can now scan for templated numbers. This allows more flexible + usage of ranges of numbers, allowing for prefixes and suffixes as + need be ;-) +* Bug fix: svwar.py now sends ACK to be nice to other devices. +* Bug fix: each tag is padded with a unique 32 bit +* Bug fix: Contact header is always added to the request to always send well + formed SIP requests +* Bug fix: Large data is sent fragmented now (mysendto) +* Bug fix: svwar.py now handles new SIP response codes + +v0.2.3 +* Feature: Fingerprinting support for svmap. Included fphelper.py and + 3 databases used for fingerprinting. +* Feature: Added svlearnfp.py which allows one to add new signatures to + db and send them to the author. +* Feature: Added DNS SRV check to svmap. Use ./svmap.py --srv domainname.com + to give it a try + +v0.2.svn +* Feature: added the ability for svreport to count results when doing a list +* Bug fix: fixed a bug related to resuming a scan which does not have an + an extension + +v0.2.1 (maintenance) +General: +* Feature: updated the report function to include more information about + the system. Python version and operating system is now included + in the bug report. option now supports optional feedback. + +* Feature: Store information about the state of a session. Sessions can be + complete or incomplete, so that you can resume incomplete sessions + but not complete ones. + +* Feature: Added -e option to svmap. Allows you to specify an extension. This + is useful when using -m INVITE options on a SIP phone. + +* Bug fix: Added a check to make sure that the python version is supported. + Anything less than version 2.4 is not supported + +* Bug fix: IP in the SIP msg was being set to localhost when not explicitly + set. This is not correct behavior and was fixed. As a result of this + behavior some devices, such as Grandstream BT100 were not being detected. + Thanks to robert&someone from bulgaria for reporting this + +* Bug fix: fixed a bug in the database which was reported anonymously via the --reportback / -R option. + Thanks whoever reported that. Bug concerns the dbm which does not + support certain methods supported other database modules referenced + by anydbm. Reproduced on FreeBSD. Thanks to Anthony Williams for help i + dentifying this + +* Bug fix: Ranges of extensions in svwar could not take long numeric extensions + (xrange does not support long / large numbers). Thanks to Joern for reporting this + +* Bug fix: svwar was truncating extension names containing certain characters. Fixed. + +* Bug fix: when binding to a specific interface, the IP within the SIP message could be incorrect (when there are multiple interfaces). This has been fixed. + +* Cosmetic: Certain PBXs reply with "603 Declined" when svwar finds that the + extension does not exist. This creates extra noise. It is now being + suppressed. + +v0.2 +General: +* Feature: replaced 3rd party functions in ip4range with our functions in helper.py +* Feature: ReportBack function is off by default but can be enabled by using -R option +* Feature: verbose and quiet mode. Now making use of logging module +* Newtool: svreport - export to csv, pdf, xml and plain text. +* Feature: session / database support. This allows two things: + - resuming of previous scans + - exporting the results to more meaningful formats +* Feature: give a warning when the default port is already being used and listen on another port + + +Svmap: +* Feature: Host arguments now accepts a variety of formats. You can now scan using ranges like the following: + - 1.1.1.1-20 1.1.1-20.1-10 + - 1.1.1.* + - 1.1.1.1-1.1.2.20 + - sipvicious.org/22 +* Bug fix: Generation of hosts to scan is now dynamic and does not slow down startup time +* Feature: Now making use of the standard logging module with more logging to debug problems +* Feature: When the port is already bound, svmap tries to listen on another port +* Feature: Added options to allow you to specify the ip to bind to as well as the external ip address of the scanner +* Feature: --help now shows proper usage +* Feature: New scanning method - random scan! This scans only valid internet address space. +* Feature: Randomize scan. Allows you to randomize the order of the IP addresses to be scanned. + +Svwar: +* Bug fix: Svwar was missing valid extensions (false negatives) - fixed +* Bug fix: Logic bug which did not identify between a server that does not respond and one that sends an unexpected response. +* Bug fix: Fixed description of errors and usage + +Svcrack: +* General: --help output was updated to match the other tools. + +Svreport: +* General: was born. Allows managing of saved sessions and exporting to different file formats. +* Feature: Reverse name lookup for ip addresses + +v0.1 +First release. diff --git a/sipvicious.install b/sipvicious.install deleted file mode 100644 index 1f30df42fb75..000000000000 --- a/sipvicious.install +++ /dev/null @@ -1,26 +0,0 @@ -post_install() { - _pkgprogs=('pptable.py' 'regen.py' 'svcrack.py' 'svcrash.py' 'svfphelper.py' 'svhelper.py' 'svlearnfp.py' 'svmap.py' 'svreport.py' 'svwar.py') - - for _prog in ${_pkgprogs[@]} - do - ln -s "/usr/share/sipvicious/$_prog" "/usr/bin/${_prog%%.*}" - done -} - -post_upgrade() { - _pkgprogs=('pptable' 'regen' 'svcrack' 'svcrash' 'svfphelper' 'svhelper' 'svlearnfp' 'svmap' 'svreport' 'svwar') - - for _prog in ${_pkgprogs[@]} - do - rm "/usr/bin/$_prog" - done -} - -post_remove() { - _pkgprogs=('pptable' 'regen' 'svcrack' 'svcrash' 'svfphelper' 'svhelper' 'svlearnfp' 'svmap' 'svreport' 'svwar') - - for _prog in ${_pkgprogs[@]} - do - rm "/usr/bin/$_prog" - done -} |