The open-source version of SIPVicious, first published back in 2007, was written in Python and is available on Github for free. This includes three main tools,
svmap which is a scanner for SIP,
svwar which enumerates extensions on SIP devices and
svcrack that tries to guess passwords for SIP extensions. The tools only support SIP over UDP and do not offer support for TCP or TLS due to design issues.
SIPVicious PRO is a complete rewrite in Go, with a larger feature-set and more ambitious goals. End users get an executable binary for their OS rather than Python scripts.
It is meant to be used by vendors and system integrators internally to identify common RTC vulnerabilities before making it to production. Therefore, it supports the most commonly used protocols for SIP, that is, UDP, TCP, TLS and WebSockets. With WebSocket and DTLS-SRTP support, the tool can be used to test WebRTC infrastructure. Additionally, SIPVicious PRO can make and receive calls, handling SIP flows correctly. This allows for a number of attacks to be reproduced on test systems. The template system allows testers to quickly modify the SIP messages sent to the target system to include custom headers and other peculiarities as need be. SIPVicious PRO is not limited to just tests on SIP, but also other related protocols such as RTP. And finally, SIPVicious PRO makes use of our internal network library which gives the tool speed while maintaining sessions and other logical complexities in check.
|SIP UDP support||✔||✔|
|SIP TCP support||✖||✔|
|SIP TLS support||✖||✔|
|SIP over Websockets support||✖||✔|
|SIP REGISTER Flood||✔||✔|
|SIP online password cracking||✔||✔|
|SIP INVITE Flood||✖||✔|
|SIP Digest Leak||✖||✔|
|SIP INVITE enumeration||✖||✔|
|RTP Bleed attack||✖||✔|
|SIP method enumeration||✖||✔|