Tweet
VOIPSHARK: OPEN SOURCE VOIP ANALYSIS PLATFORM
VOIPSHARK:开源VOIP分析平台是与非
Nishant Sharma
R&D Manager, Pentester Academy
Jeswin Mathai
Security Researcher, Pentester Academy
Ashish Bhangale
Senior Security Researcher, Pentester Academy
Leveraging the packet switched network for making phone calls or VoIP has come a long way now. Today, it has already replaced conventional circuit switching based telephones from the large organizations and now moving to capture the non-commercial users.
In this demo, we will focus on the traffic analysis based security analysis of SIP and RTP protocols which are one of the most popular protocols for VoIP.
These protocols are already gaining new adopters on high rate and also replacing older protocols like H323.We will discuss VoIPShark open source VoIP Analysis Platform which will allow people to analyze live or stored VoIP traffic, easily decrypt encrypted SRTP stream, perform macro analysis, generate summary specific to VoIP traffic/nodes and export calls/SMS/DTMF in popular user friendly file formats.
We will also be releasing VoIPShark collection of Wireshark plugins written in Lua under GPL.
VoIPShark is plug-n-play, easy to modify/extend and platform independent in nature. We will also discuss the currently available open source tools for SRTP decryption, their shortcomings and how VoIPShark address those.
利用分组交换网络进行电话呼叫或VoIP已经取得了很大的进展。如今,它已经取代了传统基于电路交换的电话 。从大型机构,至现在正着手吸引非商业用户都用它。在本演讲中,我们将重点放在基于流量分析的SIP协议和 RTP协议的安全性分析,这是目前最流行的VoIP协议之一。这些协议已经以很高的速率获得了新的采用者, 并取代了像H323这样的旧协议。我们将讨论VoIPShark开源VoIP的分析平台,它将允许人们分析 实时或存储的VoIP流量,轻松解密加密的SRTP流,执行宏分析,生成特定于VoIP流量/节点的摘要,并以流行的文件格式导出call /SMS/DTMF。
我们还将发布VoIPShark Wireshark插件集合,这些插件是在GPL下用Lua编写的。
VoIPShark是即插即用的,易于修改/扩展,本质上不限于任何平台。
我们还将讨论当前可用于SRTP解密的开源工具、它们的缺点及VoIPShark如何解决这些问题。
Nishant Sharma is a R&D Manager at Pentester Academy and Attack Defense. He is also the Architect at Hacker Arsenal where he leads the development of multiple gadgets for WiFi pentesting such as WiMonitor, WiNX and WiMini. He also handles technical content creation and moderation for Pentester Academy TV. He has 6+ years of experience in information security field including 4+ years in WiFi security research and development. He has presented/published his work at Blackhat USA/Asia, Wireless Village, IoT village and Demo labs (DEF CON). Prior to joining Pentester Academy, he worked as a firmware developer at Mojo Networks where he contributed in developing new features for the enterprise-grade WiFi APs and maintaining the state of art WiFi Intrusion Prevention System (WIPS). He has a Master’s degree in Information Security from IIIT Delhi. He has also published peer-reviewed academic research on HMAC security. His areas of interest include WiFi and IoT security, AD security, Forensics and Cryptography.
LinkedIn: https://www.linkedin.com/in/wifisecguy/
Twitter: @wifisecguy
Facebook: https://www.facebook.com/wifisecguy
Ashish Bhangale is a Senior Security Researcher at Pentester Academy and Attack Defense. He has 6+ years of experience in Network and Web Application Security. He has also worked with the state law enforcement agencies in the capacity of a Digital Forensics Investigator and was instrumental in solving IT fraud/crime cases. He was responsible for developing and testing the Chigula (WiFi Forensics Framework) and Chellam (First pure WiFi Firewall) frameworks. He has also created and managed multiple projects like Vulnerable Web Application OSes, Vulnerable Router Project and Damn Vulnerable Wordpress. He has presented/published his work at Blackhat, Wireless Village, IoT village and Demo labs (DEF CON). His areas of interest include Forensics, WiFi and AD security.Jeswin Mathai is a Researcher at Pentester Academy and Attack Defense. He has published his work at Blackhat Arsenal and Demo labs (DEF CON). He has a Bachelor’s degree from IIIT Bhubaneswar. He was the team lead at InfoSec Society IIIT Bhubaneswar in association with CDAC and ISEA, which performed security auditing of government portals, conducted awareness workshops for government institutions. He was also the part of team Pied Piper who won Smart India Hackathon 2017, a national level competition organized by GoI. His area of interest includes Malware Analysis and Reverse Engineering, Cryptography, WiFi security and Web Application Security.
LinkedIn: https://www.linkedin.com/in/jeswinmathai/
Twitter: @jeswinMathai
Facebook: https://www.facebook.com/jeswinMathai
Nishant Sharma是Pentester Academy and Attack Defense的研发经理。他还是Hacker Arsenal的设计师,领导开发Wimonitor、Winx和Wimini等Wifi Pentesting的多个小工具。他还负责Pentester Academy TV的技术内容创建和调整。他在信息安全领域拥有6年以上的经验,包括4年以上的WiFi安全研发经验。他 在Blackhat美国/亚洲、无线village、IoT village和DEF CON的演示实验室发表过。在加入Pentester Academy之前,他曾在Mojo Networks担任固件开发员,在那里他为企业级WiFi AP开发了新功能,并维护了最先进的WiFi入侵预防系统(WIPS)。他拥有印度国际信息技术学院德里信 息安全硕士学位。他还曾在同行评审的学术研究发表关于HMAC安全。他的兴趣包括WiFi和物联网安全、A D安全、取证和密码技术。
LinkedIn: https://www.linkedin.com/in/wifisecguy
推特:https://twitter.com/wifisecguy
脸谱网:https://www.facebook.com/wifisecguy
Ashish Bhangale是Pentester Academy和Attack Defense的高级安全研究员。他在网络和Web应用程序安全方面有6年以上的经验。他还曾以数字取证调 查员的身份与国家执法机构合作,并帮助解决IT欺诈/犯罪案件。他负责开发和测试Chigula(WiFi取证框架)和Chellam(第一个纯WiFi防火墙 )框架。他还创建和管理了多个项目,如易受攻击的Web应用程序操作系统、易受攻击的路由器项目和特易受攻 击的WordPress。他也曾在Blackhat、无线village、IoT village和DEF CON的演示实验室发表过。他的兴趣包括取证、WiFi和AD安全。Jeswin Mathai是Pentester Academy和Attack Defense的研究员。他在Blackhat Arsenal和DEF CON的演示实验室发表过。他拥有IIIT Bhubaneswar的学士学位。他是InfoSec Society IIIT Bhubaneswar的团队负责人,与CDAC和ISEA合作,对政府门户网站进行安全审计,为政府机构 举办意识研讨会。他也是Pied Piper团队的一员,该团队赢得了由GoI组织的全国水平的“智能印度黑客松2017”。他感兴趣的领域 包括恶意软件分析和逆向工程、密码学、WiFi安全和Web应用程序安全。
LinkedIn: https://www.linkedin.com/in/jeswinmathai/
推特: https://twitter.com/jeswinMathai
脸谱网: https://www.facebook.com/jeswinMathai
VOIPSHARK:开源VOIP分析平台是与非
Nishant Sharma
R&D Manager, Pentester Academy
Jeswin Mathai
Security Researcher, Pentester Academy
Ashish Bhangale
Senior Security Researcher, Pentester Academy
Leveraging the packet switched network for making phone calls or VoIP has come a long way now. Today, it has already replaced conventional circuit switching based telephones from the large organizations and now moving to capture the non-commercial users.
In this demo, we will focus on the traffic analysis based security analysis of SIP and RTP protocols which are one of the most popular protocols for VoIP.
These protocols are already gaining new adopters on high rate and also replacing older protocols like H323.We will discuss VoIPShark open source VoIP Analysis Platform which will allow people to analyze live or stored VoIP traffic, easily decrypt encrypted SRTP stream, perform macro analysis, generate summary specific to VoIP traffic/nodes and export calls/SMS/DTMF in popular user friendly file formats.
We will also be releasing VoIPShark collection of Wireshark plugins written in Lua under GPL.
VoIPShark is plug-n-play, easy to modify/extend and platform independent in nature. We will also discuss the currently available open source tools for SRTP decryption, their shortcomings and how VoIPShark address those.
利用分组交换网络进行电话呼叫或VoIP已经取得了很大的进展。如今,它已经取代了传统基于电路交换的电话 。从大型机构,至现在正着手吸引非商业用户都用它。在本演讲中,我们将重点放在基于流量分析的SIP协议和 RTP协议的安全性分析,这是目前最流行的VoIP协议之一。这些协议已经以很高的速率获得了新的采用者, 并取代了像H323这样的旧协议。我们将讨论VoIPShark开源VoIP的分析平台,它将允许人们分析 实时或存储的VoIP流量,轻松解密加密的SRTP流,执行宏分析,生成特定于VoIP流量/节点的摘要,并以流行的文件格式导出call /SMS/DTMF。
我们还将发布VoIPShark Wireshark插件集合,这些插件是在GPL下用Lua编写的。
VoIPShark是即插即用的,易于修改/扩展,本质上不限于任何平台。
我们还将讨论当前可用于SRTP解密的开源工具、它们的缺点及VoIPShark如何解决这些问题。
Nishant Sharma is a R&D Manager at Pentester Academy and Attack Defense. He is also the Architect at Hacker Arsenal where he leads the development of multiple gadgets for WiFi pentesting such as WiMonitor, WiNX and WiMini. He also handles technical content creation and moderation for Pentester Academy TV. He has 6+ years of experience in information security field including 4+ years in WiFi security research and development. He has presented/published his work at Blackhat USA/Asia, Wireless Village, IoT village and Demo labs (DEF CON). Prior to joining Pentester Academy, he worked as a firmware developer at Mojo Networks where he contributed in developing new features for the enterprise-grade WiFi APs and maintaining the state of art WiFi Intrusion Prevention System (WIPS). He has a Master’s degree in Information Security from IIIT Delhi. He has also published peer-reviewed academic research on HMAC security. His areas of interest include WiFi and IoT security, AD security, Forensics and Cryptography.
LinkedIn: https://www.linkedin.com/in/wifisecguy/
Twitter: @wifisecguy
Facebook: https://www.facebook.com/wifisecguy
Ashish Bhangale is a Senior Security Researcher at Pentester Academy and Attack Defense. He has 6+ years of experience in Network and Web Application Security. He has also worked with the state law enforcement agencies in the capacity of a Digital Forensics Investigator and was instrumental in solving IT fraud/crime cases. He was responsible for developing and testing the Chigula (WiFi Forensics Framework) and Chellam (First pure WiFi Firewall) frameworks. He has also created and managed multiple projects like Vulnerable Web Application OSes, Vulnerable Router Project and Damn Vulnerable Wordpress. He has presented/published his work at Blackhat, Wireless Village, IoT village and Demo labs (DEF CON). His areas of interest include Forensics, WiFi and AD security.Jeswin Mathai is a Researcher at Pentester Academy and Attack Defense. He has published his work at Blackhat Arsenal and Demo labs (DEF CON). He has a Bachelor’s degree from IIIT Bhubaneswar. He was the team lead at InfoSec Society IIIT Bhubaneswar in association with CDAC and ISEA, which performed security auditing of government portals, conducted awareness workshops for government institutions. He was also the part of team Pied Piper who won Smart India Hackathon 2017, a national level competition organized by GoI. His area of interest includes Malware Analysis and Reverse Engineering, Cryptography, WiFi security and Web Application Security.
LinkedIn: https://www.linkedin.com/in/jeswinmathai/
Twitter: @jeswinMathai
Facebook: https://www.facebook.com/jeswinMathai
Nishant Sharma是Pentester Academy and Attack Defense的研发经理。他还是Hacker Arsenal的设计师,领导开发Wimonitor、Winx和Wimini等Wifi Pentesting的多个小工具。他还负责Pentester Academy TV的技术内容创建和调整。他在信息安全领域拥有6年以上的经验,包括4年以上的WiFi安全研发经验。他 在Blackhat美国/亚洲、无线village、IoT village和DEF CON的演示实验室发表过。在加入Pentester Academy之前,他曾在Mojo Networks担任固件开发员,在那里他为企业级WiFi AP开发了新功能,并维护了最先进的WiFi入侵预防系统(WIPS)。他拥有印度国际信息技术学院德里信 息安全硕士学位。他还曾在同行评审的学术研究发表关于HMAC安全。他的兴趣包括WiFi和物联网安全、A D安全、取证和密码技术。
LinkedIn: https://www.linkedin.com/in/wifisecguy
推特:https://twitter.com/wifisecguy
脸谱网:https://www.facebook.com/wifisecguy
Ashish Bhangale是Pentester Academy和Attack Defense的高级安全研究员。他在网络和Web应用程序安全方面有6年以上的经验。他还曾以数字取证调 查员的身份与国家执法机构合作,并帮助解决IT欺诈/犯罪案件。他负责开发和测试Chigula(WiFi取证框架)和Chellam(第一个纯WiFi防火墙 )框架。他还创建和管理了多个项目,如易受攻击的Web应用程序操作系统、易受攻击的路由器项目和特易受攻 击的WordPress。他也曾在Blackhat、无线village、IoT village和DEF CON的演示实验室发表过。他的兴趣包括取证、WiFi和AD安全。Jeswin Mathai是Pentester Academy和Attack Defense的研究员。他在Blackhat Arsenal和DEF CON的演示实验室发表过。他拥有IIIT Bhubaneswar的学士学位。他是InfoSec Society IIIT Bhubaneswar的团队负责人,与CDAC和ISEA合作,对政府门户网站进行安全审计,为政府机构 举办意识研讨会。他也是Pied Piper团队的一员,该团队赢得了由GoI组织的全国水平的“智能印度黑客松2017”。他感兴趣的领域 包括恶意软件分析和逆向工程、密码学、WiFi安全和Web应用程序安全。
LinkedIn: https://www.linkedin.com/in/jeswinmathai/
推特: https://twitter.com/jeswinMathai
脸谱网: https://www.facebook.com/jeswinMathai