WireBug is a tool set for Voice-over-IP penetration testing. It is designed as a wizard which makes it easy to use. The tools are build for single using too, so every tool is its own python or bash program.

Installation

Install the dependencies in requirements.txt and the python dependencies in requirements_python.txt. If you have problems with installation of netfilterqueue, you can build it from source:

pip install -U git https://github.com/kti/python-netfilterqueue.git

Use the configure.sh script to download and build Cisco Systems’ SRTP library.

Tools

Wizard

The goal of the WireBug tool set is the wizard with tab-completion. This makes it easy to use without knowledge of detailed information about the tool or options. It is recommended to use the tools with the wizard.

Start the Wizard

python wirebug.py

Output

     __      __.__              __________              
/ / __|______ __________ __ __ ____
// / _ __ _/ __ | | _/ | / ___
>>>>>>>>>>>>>/|>>||>>|>/>>>>>/|>>>>|>>>>>|>>/>/>/>>>>>>>
__/ / |__||__| ___ .______ /____/___ /
/ / / /_____/

by Moritz Abrell - SySS GmbH, 2019 - 2020



Follow the wizard to use WireTap.
Use TAB to show possible options.

wizard >

help function

wizard > help

Documented commands (type help ):
========================================
bridge clear doubleencap help timeshift
cdpanalyze decodesrtp exit lldpspoof vlanenum

Sample usage


__ __.__ __________
/ / __|______ __________ __ __ ____
// / _ __ _/ __ | | _/ | / ___
>>>>>>>>>>>>>/|>>||>>|>/>>>>>/|>>>>|>>>>>|>>/>/>/>>>>>>>
__/ / |__||__| ___ .______ /____/___ /
/ / / /_____/

by Moritz Abrell - SySS GmbH, 2019



Follow the wizard to use WireTap.
Use TAB to show possible options.

wizard > lldpspoof

This tool is for spoofing LLDP-MED packets with different vendor specific attributes. It is useful to jump into VoIP VLAN if LLDP-MED is configured

Enter the interface which will be used: enp0s31f6

Enter the vendor : innovaphone

Enter the MAC address o f a innovaphone device <00:90:33:XX:XX:XX>: 00:90:33:00:00:01

Enter a device model e.g. : IP811

Verbose mode (will capture the possible response and open it in wireshark)? or : y

.
Sent 1 packets.
[ ] Packetspoofing success.
[*] Waiting for possible response.
[ ] Response recived!

Usage Video

Author

Moritz Abrell, SySS GmbH 2019-2021

Disclaimer

Use at your own risk. Do not use without full consent of everyone involved. For educational purposes only.

Download WireBug

Leave a Reply

Your email address will not be published. Required fields are marked *