VideoJak

VideoJak is an IP Video security assessment tool that can simulate a proof of concept video interception or replay test against a targeted, user-selected video session. A security tool within the VAST suite, VideoJak is the first of its kind security tool that analyzes video codec standards such as H.264. VideoJak works by first capturing the RTP port used in a video conversation or stream.

Next, VideoJak analyzes the RTP packets, collecting the RTP sequence numbers and timestamp values used between the video endpoints. Then VideoJak creates a custom video payload by changing the sequence numbers and timestamp values used in the original RTP packets between the two video endpoints. After the user selects a targeted video device to attack in an ongoing video session, VideoJak delivers the payload over the learned RTP port against the target. Some of the proof of concept attacks that can be simulated against an IP video network include the following:

• IP Video replay attack against an IP camera video surveillance solution stream (Creating a “blind camera”)
• Targeted IP video DoS against a user selected IP video phone (SCCP support)
• Severely degraded audio and video quality (DoS)

VideoJak features:

• VLAN Discovery (CDP) and VLAN Hop
• Call pattern tracking for SIP and SCCP signaling protocols
• Audio codec (G.711u, G.722) and Video codec (H.263, H.264) support
• Creates custom payload from H.263/H.264 packet capture
• MiTM functions and host management
• Allows user to select an active IP video call from a menu
• Allows user to select a targeted IP Phone or camera for DoS within the video session
• Enables the user to send the attack during an active, ongoing video call
• IP Video Replay attack (New)
• Media Blackhole attack (New)