SIP-Based Audit and Attack Tool
## What is Mr.SIP (public version)?
Mr.SIP is a simple console-based SIP audit and attack tool. It was originally developed for academic work, to help develop novel SIP-based DDoS attacks, and the idea then grew into converting it into a fully functional SIP-based penetration testing tool. So far Mr.SIP has resulted in several academic research papers and journal articles. Mr.SIP can also be used as a SIP client simulator and SIP traffic generator.

In its current state, the public version of Mr.SIP contains 3 modules: SIP-NES (network scanner), SIP-ENUM (enumerator) and SIP-DAS (DoS attack simulator). It detects SIP components and existing users on the network and generates various TDoS attacks. Mr.SIP has some competitive features, including high-performance multi-threading, a powerful IP spoofing engine and smart SIP message generation. We have seen practitioners also use Mr.SIP as a client simulator and traffic generator.

Mr.SIP Pro is the most comprehensive attack-oriented VoIP product ever! In the Pro version, we have added 7 more modules and extended the public modules with new features. The Pro version contains 10 modules in 3 categories: Information Gathering, Vulnerability Scanning and Offensive Modules. There are 2 helper components: the IP Spoofing Engine and the Message Generator. Our roadmap also includes 5 new attack modules. In addition, we will develop an easy-to-use GUI.

Mr.SIP is a tool that should be in every pentester's and red teamer's toolbox. It detects SIP components and existing users on the network, intervenes in, filters and manipulates call information, reports known vulnerabilities and exploits, develops various TDoS attacks, including status-controlled advanced ones, and breaks user passwords. It also has many innovative and competitive features, for example high-performance multi-threading, IP spoofing, smart SIP message generation, self-hiding and intervention skills. Mr.SIP also has a customisable scenario development framework for stateful attacks.
Information Gathering Modules:

* SIP-NES (network scanner)
* SIP-ENUM (SIP enumerator)
* SIP-SNIFF (SIP traffic sniffer)
* SIP-EAVES (call eavesdropper)

Vulnerability Scanning:

* SIP-VSCAN (vulns & exploit scanner)

Offensive Modules:

* SIP-DAS (DoS attack simulator)
* SIP-MANMID (MiTM attacker)
* SIP-ASP (attack scenario player)
* SIP-CRACK (digest authentication cracker)
* SIP-SIM (signaling manipulator)

We will add 5 new modules along with a friendly GUI. We will add fuzzing, media sniffing, media injection/manipulation, robocall (SPIT) and DTMF tone stealing features soon.
Please give us a star on GitHub and follow our empty Twitter account for updates. And please subscribe to our YouTube channel, as we need 100 subscribers to update the URL.

If you want to get more out of Mr.SIP, check out the PRO version ---> https://mrsip.gitlab.io/

Mr.SIP is a console-based Python3 tool. In order to run Mr.SIP on your Kali, you need to install some Python libraries. Please see help and usage for full instructions.
```
pip install -r requirements.txt
apt-get install python-scapy
```

```
python3 mr.sip.py --help
python3 mr.sip.py --usage
```

```
python3 mr.sip.py [--nes|--enum|--das|--sniff|--manmid|--eaves|--crack|--sim|--asp|--vscan] [parameters]
```

Global Default Parameters If Not Given:\
Default interface (--if=) is eth0\
Default thread count (--tc=) is 10\
Default destination port (--dp=) is 5060

```
python3 mr.sip.py --nes --tn= --mt=options --from= --to=
python3 mr.sip.py --nes --tn= --mt=invite --from= --to=
python3 mr.sip.py --nes --tn --mt=subscribe --from= --to=
```

NOTE-1: `<targetnetworkrange>` should be like `192.168.1.10-192.168.1.20`\
NOTE-2: `<targetnetwork>` should be like `192.168.1.0`\
NOTE-3: You can specify the output with `-i`. By default the output is written to the iplist.txt file, which already exists in the repo. SIP-ENUM uses that file as an input.\
NOTE-4: Default destination port (--dp) is 5060, if not given.\
NOTE-5: Default message type (--mt=) is options, if not given.\
NOTE-6: Supported message types: options, invite, subscribe, register\
NOTE-7: The from and to values can be arbitrary extension numbers.

Output of SIP-NES:
```
python3 mr.sip.py --enum --from=from.txt
python3 mr.sip.py --enum --tn= --from=from.txt
```

NOTE-1: If the target network (--tn) is not given, SIP-ENUM uses the iplist.txt file as an input, which is the output of SIP-NES.\
NOTE-2: Default from user (--from=) is fromUser.txt\
NOTE-3: Default message type (--mt) is subscribe, if not given.

Output of SIP-ENUM:
SIP-DAS Usage:\
By using the scapy library (IP spoofing is supported)

```
python3 mr.sip.py --das --mt=invite -c --tn= -r
python3 mr.sip.py --das --mt=invite -c --tn= -s
python3 mr.sip.py --das --mt=invite -c --tn= -m --il=ip_list.txt
```

By using the socket library (which doesn't support IP spoofing)

```
python3 mr.sip.py --das --mt=invite -c --tn= -r -l
python3 mr.sip.py --das --mt=invite -c --tn= -s -l
python3 mr.sip.py --das --mt=invite -c --tn= -m --il=ip_list.txt -l
```

NOTE-1: Default to users (--to=) is toUser.txt\
NOTE-2: Default from users (--from=) is fromUser.txt\
NOTE-3: Default user-agent (--ua=) is userAgent.txt\
NOTE-4: Default packet counter (-c=) is flood

Output of SIP-DAS:
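
For defenders, the three public modules described above leave distinct traffic patterns: SIP-NES sends one request type across a range of hosts, SIP-ENUM probes many extensions at one server, and SIP-DAS sends INVITEs from changing (possibly spoofed) source addresses. The following is an added example, not part of Mr.SIP or written by its authors, that classifies a window of SIP requests accordingly; the function names, thresholds and sample traffic are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Request line and To header of a SIP request (RFC 3261 syntax, simplified).
REQ = re.compile(r"^(OPTIONS|INVITE|SUBSCRIBE|REGISTER) sip:\S+ SIP/2\.0", re.M)
TO_USER = re.compile(r"^(?:To|t):.*?<?sip:([^@>;\s]+)@", re.M | re.I)

def classify(packets, host_limit=5, user_limit=5, invite_limit=20):
    """packets: (src_ip, dst_ip, raw_sip_text) tuples seen in one time window.
    Limits are illustrative assumptions; tune them against real baselines."""
    hosts = defaultdict(set)     # src -> distinct destination hosts probed
    users = defaultdict(set)     # (src, dst) -> distinct To users probed
    invites = defaultdict(int)   # dst -> INVITE count, regardless of source
    for src, dst, raw in packets:
        m = REQ.search(raw)
        if not m:
            continue             # responses and non-SIP payloads are ignored
        hosts[src].add(dst)
        t = TO_USER.search(raw)
        if t:
            users[(src, dst)].add(t.group(1))
        if m.group(1) == "INVITE":
            invites[dst] += 1
    return {
        "scan": {s for s, d in hosts.items() if len(d) >= host_limit},
        "enum": {s for (s, _), u in users.items() if len(u) >= user_limit},
        # Counted per destination because spoofed sources defeat per-source limits.
        "flood": {d for d, n in invites.items() if n >= invite_limit},
    }

def sip(method, user, host):
    """Build a minimal constructed SIP request for the sample data."""
    return (f"{method} sip:{user}@{host} SIP/2.0\r\n"
            f"From: <sip:100@{host}>\r\nTo: <sip:{user}@{host}>\r\n\r\n")

# Constructed sample window (not captured traffic).
SAMPLE = (
    # one source sending OPTIONS across a host range (scanner pattern)
    [("10.0.0.5", f"192.168.1.{i}", sip("OPTIONS", "100", f"192.168.1.{i}")) for i in range(10, 21)]
    # one source sending SUBSCRIBE for many extensions at one server (enumeration pattern)
    + [("10.0.0.6", "192.168.1.10", sip("SUBSCRIBE", str(u), "192.168.1.10")) for u in range(200, 210)]
    # INVITEs to one server, each from a different source address (spoofed flood pattern)
    + [(f"172.16.{i}.1", "192.168.1.10", sip("INVITE", "300", "192.168.1.10")) for i in range(30)]
    # ordinary registration, should not be flagged
    + [("10.0.0.7", "192.168.1.10", sip("REGISTER", "101", "192.168.1.10"))]
)

if __name__ == "__main__":
    print(classify(SAMPLE))
```

Because the flood check keys on the destination, it still fires when every INVITE carries a different source address, which is the case the per-source scan and enumeration checks cannot cover.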