search

Pepelux / sippts

Set of tools to audit SIP based VoIP Systems
GNU General Public License v3.0
414 stars 81 forks source link

Option : Add custom header to sipsend #31

Closed p1-aji closed 1 year ago

p1-aji commented 1 year ago

Hello, First of all,thanks for the great work here!

As a suggestion of a new option to SIPSEND script : Allowing the user to add a custom header to test for injection attacks .

For example it can be something like this python3 sipsend.py -i 192.168.235.140 -r 5060 -m register --user 100 --pass xxx --header test:injection here

the request will be something like this:

Via: SIP/2.0/UDP 192.168.1.112:48617;branch=tqabdqwqky8h2sqbysaxndqaqteeh33bfa5s15qqsaof3zfzxtu32gdto1w6u0p39qtx3d8
From:  <sip:100@192.168.235.140>;tag=dedcedd4
To:  <sip:100@192.168.235.140>
Contact: <sip:100@192.168.1.112:48617;transport=UDP>
Call-ID: c4db093cfefecf76ce41504c057dbaea
test: injection here
CSeq: 1 REGISTER
Max-Forwards: 70
User-Agent: pplsip
Allow: INVITE,REGISTER,ACK,CANCEL,BYE,NOTIFY,REFER,OPTIONS,INFO,SUBSCRIBE,UPDATE,PRACK,MESSAGE
Expires: 10
Content-Length: 0

Thanks.

Pepelux commented 1 year ago

I've just added the -header param to the sipsend.py script

Cheers