Ip phone Scanning Made Easy (ISME) scans a VOIP environment, adapts to enterprise VOIP, and exploits the possibilities of being connected directly to an IP Phone VLAN. It seeks to get the phone's configuration file directly from a TFTP server, enable SIP/SIPS (TCP/UDP), communicate with an embedded Web server and Web server banner, identify the editor by MAC address, and identify potential default login/password combinations which should be changed.
|Tags||Security Audit Telephony Scanner|
|Operating Systems||Unix/Linux Windows Mac OS X|
Release Notes: This release fixes an exploit related to the Aastra IP Phone hardcode telnet login/password.
Release Notes: An incorrect name in a file blocked the launch of the main script on some systems. This has been corrected.
Release Notes: This release adds code for a polycom HDX telnet authorization bypass exploit and a "having fun with SSH on Cisco IP" phone tool.
Release Notes: This release adds a user interface update, vulnerability detection, and Cisco phone SSH server detection. It fixes exploits related to Alcatel OXO FTP Denial of service, Mitel IP phone information disclosure, and Mitel IP phone XSS. A new Perl library is in use, Net::SSH.
Release Notes: This release adds Cisco phone logout mobility feature abuse, a module to detect the use of the default Login/password on the embedded Web interface from Mitel phones, Aastra IP phone information disclosure (OSVDB-ID: 72941/EDB-ID 17376), Avaya Ip Office Linux voicemail password file data disclosure, a script providing phone call and remote taping on SNOM phones, and Mitel AWC unauthenticated command execution (OSVDB-ID: 69934/EDB-ID 15807).