naidu / sipvicious

Automatically exported from code.google.com/p/sipvicious
0 stars 0 forks source link

svwar socket time out error #16

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?
1. the svmap runs correctly and identifies the asterisk server (v.1.4.38) on 
the server
2. when running svwar.py with extension range covering the extensions supported 
by asterisk and the IP address of the server, the process stops and shows the 
following message: 
error:TakeASip:Socket error:Timed out
Warning: root: found nothing

What version of the product are you using? On what operating system?
version: 0.2.6

Additional information:
At the asterisk server displays the message when launching the command svwar.py 
at the client side : registration from **** <sip:****@****> failed for ******- 
No matching peer found

Original issue reported on code.google.com by fadlal...@gmail.com on 13 Apr 2011 at 11:38

GoogleCodeExporter commented 9 years ago
could you provide me with some pcaps? send them to sandro@enablesecurity.com if 
you prefer

Original comment by sandrogauc on 13 Apr 2011 at 12:05

GoogleCodeExporter commented 9 years ago
Hello.
I have same problem. 
Im using backtrack5 (ubuntu 10.4) , svwar 0.2.4
I tried svwar on multiple hostes (all with permisiion of owners), but with all 
the same ( ERROR:TakeASip:socket error: timed out )

Original comment by kertai.a...@gmail.com on 28 Jun 2011 at 8:55

GoogleCodeExporter commented 9 years ago
Use the latest version from SVN please. SIPVicious 0.2.4 is very outdated. The 
SVN has patches which fix some known issues. 

Original comment by sandrogauc on 28 Jun 2011 at 9:02

GoogleCodeExporter commented 9 years ago
I installed the latest version (0.2.6) , but the problem remains the same.
svmap.py can find hostes as it should , but svwar.py don't work 
(ERROR:TakeASip:socket error: timed out) . I tried it on more than 10 hostes 
(with their permission).

Original comment by kertai.a...@gmail.com on 28 Jun 2011 at 9:39

GoogleCodeExporter commented 9 years ago
please test the SVN version (subversion) as I instructed before. Also - contact 
me off list with further information, otherwise I cannot help you.

Original comment by sandrogauc on 28 Jun 2011 at 9:41

GoogleCodeExporter commented 9 years ago
I'm testing SVN version. Will give you feedback ASAP on your mail. 

Original comment by kertai.a...@gmail.com on 28 Jun 2011 at 10:33

GoogleCodeExporter commented 9 years ago
I seem to have similar error messages. svmap seems to work fine and finds 
asterisk, but svwar no worky.
# Running Ubuntu Linux clucky 2.6.38-8-generic
# Trixbox 2.8.04 running under Vmware player with private/host only networking.
# Have 3 ext(100,101,123) set up and working(can call between them with ekiga)
# svn checkout http://sipvicious.googlecode.com/svn/trunk/ sipvicious-read-only

# ./svwar.py 192.168.228.129
ERROR:TakeASip:socket error: timed out
WARNING:root:found nothing

# tail of log in /var/log/asterisk/full
[Jun 29 12:28:35] NOTICE[5024] chan_sip.c: Registration from 
'"1129487953"<sip:1129487953@192.168.228.129>' failed for '192.168.228.1' - No 
matching peer found

Original comment by brad.cle...@gmail.com on 29 Jun 2011 at 4:46

GoogleCodeExporter commented 9 years ago
I apologize.  My errors are completely id10T errors, but just in case someone 
else is seeing the same thing...  Add a -m with svwar to change the method from 
reg to invite.  Sorry guys.
Example: ./svwar.py xxx.xxx.xxx.xxx -m Invite

Original comment by brad.cle...@gmail.com on 29 Jun 2011 at 8:02

GoogleCodeExporter commented 9 years ago
For others having this issue, SVN version fixes the issues

Original comment by theghost...@gmail.com on 6 Feb 2012 at 1:46

GoogleCodeExporter commented 9 years ago
[deleted comment]
GoogleCodeExporter commented 9 years ago

Original comment by san...@enablesecurity.com on 4 May 2013 at 7:41

GoogleCodeExporter commented 9 years ago
i can see what the problem now that MSG  
ERROR:TakeASip:socket error: timed out
WARNING:root:found nothing

only show when the server close the 5060 and 5061 port or filter it to access 
only from local network 
most of the local PBX do that to secure they PBX from svwar attack and just add 
VPN or OPENVPN option for they users so they can access to the 5060 just when 
the use it get local ip 192.168.1.* or 10.0.0.* so they never blocked that what 
i see form my lot of try around hope that help use NMAP before attacking to 
make sure its open option -PN tho show the closing and filtering local ports 

Original comment by m4ster0...@gmail.com on 18 Aug 2013 at 8:26