MemeStreams Discussion

This page contains all of the posts and discussion on MemeStreams referencing the following web page: How to exploit the SIP Digest Leak vulnerability. You can find discussions on MemeStreams as you surf the web, even if you aren't a MemeStreams member, using the Threads Bookmarklet.

How to exploit the SIP Digest Leak vulnerability
by possibly noteworthy at 6:09 pm EDT, Apr 2, 2009

The SIP Digest Leak is a vulnerability that affects a large number of SIP Phones, including both hardware and software IP Phones as well as phone adapters (VoIP to analogue). The vulnerability allows leakage of the Digest authentication response, which is computed from the password. An offline password attack is then possible and can recover most passwords based on the challenge response.

By making use of sipdigestleak.py, which is included in VOIPPACK, one can automate the process of getting the phone to ring, obtaining a challenge response and performing a brute-force attack. In this tutorial we shall be looking at how this module makes the whole process an easy task.

From the archive:

In this Special Edition, I sat down with Cullen Jennings out at VoiceCon San Francisco in August 2007 to talk about SIP security.


 
 