-
Notifications
You must be signed in to change notification settings - Fork 87
/
changelog.txt
196 lines (174 loc) · 6.34 KB
/
changelog.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
v4.1.2 (Nov/2024):
- scan:
- control ulimit handler and adjust according to threads
- global:
- bug fixes
v4.1.1 (Oct/2024):
- added new binary: sippts-gui
- global:
- clean unused params
- added stop functions in some modules
- bug fixes
v4.1 (Sep/2024):
- added IPv6 conversions
- renamed module sippcapdump to sipdump
- removed tshark module
- added module pcapdump to dump data from a PCAP file (SIP, RTP and RTP-to-WAV)
- added module video to show animated help
- added module astami to connect to Asterisk AMI
- scan:
- added param -t to set sockets timeout
- added param -oi to save found ips into a file
- leak:
- added param -t to set sockets timeout
- enumerate:
- added param -t to set sockets timeout
- exten:
- added param -t to set sockets timeout
- ping:
- added param -t to set sockets timeout
- rcrack:
- added param -t to set sockets timeout
- send:
- added param -t to set sockets timeout
- added param -v for verbose mode
- added param -template to load SIP messages
- dcrack:
- use pyshark library instead tshark application
- added param -th to use threads
- global:
- bug fixes
v4.0 (May/2024):
- Unify scripts into one: sippts
- bug fixes
- Deleted script sipfuzzer
- added param -cve in scan script to show possible CVEs
- added param -up for update scripts and cve file
v3.4 (Feb/2024):
- added param -ppi for P-Preferred-Identity
- added param -pai for P-Asserted-Identity
- sipsend:
- added param --local_port to force local port
- added param --no_contact to send message without contact header
- sipinvite: added param --local_port to force local port
- sipexten:
- added param -ofile to save results
- added param -f to filter response code
- sipsend:
- added param -header to insert custom headers
- global:
- bug fixes
- Renamed script sipdump to sippcapdump
- Renamed script sipcrack to sipdigestcrack
v3.3 (Nov/2022):
- sipflood:
- added param -th to allow threads
- added params -b -a -min -max to create malformed headers
- sipscan:
- manage large ranges of IP networks. Fixed memory leak problems
- can now run faster. Supports 800 threads without memory consumption
- added param -random to randomize target hosts
- sipdigestleak
- now can attack several IP addresses or network ranges
- added param -ping to ping the host and connect to them only if it is alive
- added param --file lo load IPs from a file, with format (ip:port/proto)
- sipenumerate:
- use threads to run faster
- show fingerprinting to give more information
- sipping:
- new module to check if a server/device is alive
- rtpbleedinject:
- new module to inject RTP frames when RTPBleed vulnerability is present
- wssend:
- new module to send SIP messages over WebSockets
- sipfuzzer:
- new module to perform a SIP fuzzing test on several SIP methods
- global:
- bug fixes
v3.2 (Sep/2022)
- sipsend:
- added params from_tag, to_tag, branch, callid, cseq, sdp
- added params user and pass to send a second message with auth if we obtain a code 401/407
- added param --sdes to send cipher keys in SDP
- added param --local-ip to force it in case of multiple IP addresses
- sipinvite:
- added param --no-sdp to send the INVITE without SDP
- added param --sdes to send cipher keys in SDP
- now it is possible to send to a range of callers (To-User) and a range of callees (From-User)
- added param --local-ip to force it in case of multiple IP addresses
- sipenumerate:
- added verbose mode
- siprcrack:
- added param lenght to force the size of extensions
- added param user to set the From and To user (by default is prefix+extension). If is set, the prefix only will be applied to Auth User
- siptshark:
- new module to extract info from a PCAP file
- arpspoof:
- new module to do an ARP cache poisoning
- sipsniff:
- new module to sniff SIP traffic
- sipdigestleak:
- added tls support
- added param --local-ip to force it in case of multiple IP addresses
- sipscan:
- added param --output-file to save results
- added param -fp to fingerprinting
- global:
- added class Color and param nocolor to show console responses in ansii
- bug fixes
v3.1.0 (Sep/2022)
- Added parameter From Domain and To Domain to SipScan, SipSend, SipInvite, SipFlood and SipDigestLeak
- SipScan can load IPs or network ranges from a file
- Bug fixes in TLS connections
- New scripts rtpbleed, rtcpbleed and rtpbleedflood to exploit RTPBleed vulnerability
v3.0.0 (Apr/2022)
- New version coded in python
- Erased some scripts: sipsniff, sipspy and sipreport
- Renamed script sipcracker to siprcrack
- New script sipenumerate to enumerate available methods of a SIP sevice/server
- New script sipdump to extract SIP Digest authentications from a PCAP file
- New script sipcrack to crack the digest authentications within the SIP protocol
v2.0.5 (Jan/2022)
- sipflood.pl: new script to flood a SIP server
- sipcracker.pl: if all password are found, the script ends
- sipdigestleak.pl: added cnonce, nc and qop params when export files with sipdump format
- sipscan.pl: bug fixes
v2.0.4 (Aug/2020)
- Hostname to IP address resolution
- TLS support
- sipinvite.pl: Fixed ACK responses and added BYE message
v2.0.3 (Dec/2019)
- Fix manpage-has-bad-whatis-entry error in man pages
- sipscan.pl: Added -th param and bug fixes in threads
- Code optimized in several scripts
v2.0.2 (Dec/2019)
- Fixes in man pages
- Moved sipcrack to sipcracker
v2.0.1 (Dec/2019)
- Bug fixes
- Added man pages
v2.0.0 (Dec/2019)
- sipscan, sipexten, sipcrack, sipinvite: New params to customize SIP headers (From User, From Name, To User, To Name, Contact Domain, SIP Domain)
- sipinvite.pl: Allow TCP connections
- Bug fixes
v1.2.13 (Oct/2019)
- New param (-version) to show current version and check for new updates
- sipscan.pl: New optional param (-web) to check for a control panel
- sipinvite.pl: New param (-log) to save data into a log file
v1.2.12 (Oct/2019)
- sipscan.pl: using threads are now optional (-noth)
v1.2.8 (May/2019)
- Bug fixes
v1.2.7 (May/2019)
- Don't save data into database bt default
v1.2.6 (Jan/2019)
- New script (sipdigestleak.pl) to exploit the vulnerability discovered by
Sandro Gauci that affects a large number of hardware and software devices
v1.2.2 (Dec/2018)
- Bug fixes
v1.2.1 (Aug/2018)
- Bug fixes
- Change --nodb by --db (by default don't save session)
- Now it is possible to change the user-agent
v1.2 (Feb/2015)
- First commit uploaded to Github