VoIP Hacking Just Got Easier
A telecoms security expert has unveiled a tool that shows just how easy it is to hack into Voice over Internet Protocol (VoIP) calls.
UCSniff has grouped a selection of open source applications into a single software package that allows penetration testers to assess the security of VoIP calls over a client’s network. The software also introduces several new features that make eavesdropping on specific targets extremely simple.
UCSniff runs on a laptop that can be connected to the Ethernet port of the network you want to probe. From that point, a VLAN hopper automatically traverses the virtual local area network until it accesses the part that carries VoIP calls.
Once the tool has gained access, UCSniff automatically injects spoofed Address Resolution Protocol (ARP) packets into the network, allowing all voice traffic to be routed to the laptop.
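From the defender's side, the spoofed ARP traffic described above is visible as changed IP-to-MAC bindings on the voice VLAN. The following is an added example, not part of the original article or of UCSniff: a small detector run over constructed ARP reply records, where the addresses, the record layout and the function name `detect_arp_spoofing` are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample: (seconds, sender IP, sender MAC) taken from ARP replies
# seen on a voice VLAN. All addresses are made up for illustration.
SAMPLE_ARP_REPLIES = [
    (0.0, "10.20.0.1", "00:1b:54:aa:00:01"),    # call server / gateway
    (0.5, "10.20.0.51", "00:1e:4a:bb:00:51"),   # desk phone
    (1.0, "10.20.0.52", "00:1e:4a:bb:00:52"),   # desk phone
    (30.0, "10.20.0.1", "00:26:b9:cc:0d:0d"),   # gateway IP announced by a new MAC
    (30.1, "10.20.0.51", "00:26:b9:cc:0d:0d"),  # same MAC also announces a phone's IP
    (31.0, "10.20.0.52", "00:1e:4a:bb:00:52"),  # unchanged binding, no alert
]


def detect_arp_spoofing(replies):
    """Return alert dicts for suspicious IP-to-MAC bindings.

    Two signals are reported:
      rebind   - an IP is announced with a MAC other than the first one learned
      multi_ip - a single MAC announces more than one IP address
    """
    first_mac = {}                  # ip -> first MAC seen (trust on first use)
    ips_by_mac = defaultdict(set)   # mac -> every IP it has announced
    alerts = []
    for ts, ip, mac in sorted(replies):
        mac = mac.lower()
        known = first_mac.setdefault(ip, mac)
        if known != mac:
            alerts.append({"time": ts, "type": "rebind", "ip": ip,
                           "expected": known, "seen": mac})
        ips_by_mac[mac].add(ip)
        if len(ips_by_mac[mac]) > 1:
            alerts.append({"time": ts, "type": "multi_ip", "mac": mac,
                           "ips": sorted(ips_by_mac[mac])})
    return alerts


if __name__ == "__main__":
    for alert in detect_arp_spoofing(SAMPLE_ARP_REPLIES):
        print(alert)
```

The first-seen binding is trusted, so the baseline must be learned while the network is known to be clean, and legitimate changes such as a replaced phone or a reassigned DHCP lease will also raise a `rebind` alert.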
The package allows users to home in on the conversations of a particular user. Targets can be selected by extension number or through dial-by-name features, making it easy to listen to all calls made by a specific individual (your boss, for example) or even to filter for only the calls made from the boss to the finance department.
UCSniff creator Jason Ostrom said, “It’s silently intercepting all the traffic and forwarding it to the phone, so a regular phone user would not be able to tell the difference.
“They think they’re talking directly to the other phone when in fact the tool is actually intercepting all the traffic.”
UCSniff makes it easy to capture both directions of a conversation in a single audio file. It automatically records calls that use the G.711 and G.722 codecs. Remote use isn’t possible, as you need to be directly wired to the network, but an insider could easily tap in from somewhere in the building. Ostrom claims the software can be connected to a hotel VoIP system as well.
The program is to be made free for download in the coming weeks from Sipera Systems. Ostrom claims that up to 90 percent of businesses do not have adequate VoIP security, which makes his decision to release it seem strange.
He tries to shed some light on his motivations: “I’d like to think that I’m creating this tool to create education awareness,” he said. “It’s a tool that every security and VoIP owner should have in their bag and that’s why we’re giving it away for free.”













