EnableSecurity

Go get it

A paper is coming up on the subject because there's been quite some buzz on this on Twitter and some VoIP security blogs. The VOIPSA post explains that this is available to CANVAS users. Check out the VOIPPACK page for more information. And Sjur's blog attracted quite some attention with the title "Get the password from ANY SIP device?!?! It is fully possible!".

Meanwhile, we're having a tutorial rush over here - 2nd tutorial related to VoIP and VOIPPACK published here. By following the steps outlined in the document, you'll be able to do the following:

• Understand how the SIP Digest Leak attack works


• Be able to get an IP Phone to ring


• Get the IP Phone to leak the challenge response


• Recover the password

Abstract:

The SIP Digest Leak is a vulnerability that affects a large number of SIP Phones, including both hardware and software IP Phones as well as phone adapters (VoIP to analogue).  The vulnerability allows leakage of the Digest authentication response, which is computed from the password. An offline password attack is then possible and can recover most passwords based on the challenge response.

Oh and just in case you're wondering .. nope this is not an April's fool joke. This IETF document describes a similar issue. Hang on for the paper on the topic.