Archive for June, 2009

Speaking at DefCon 17!

Tuesday, June 30th, 2009

VIPER Lab will be speaking at the DefCon 17 security conference in Las Vegas on July 31st – August 1st.  The title of our talk is “Advancing Video Application Attacks with Video Interception, Recording, and Replay.” In this talk, we’ll be exploring some tools and methods for next-generation attacks against video applications that run on top of IP networks.  This is getting interesting.  2009 was declared as the year of IP Video.  Many enterprises are rolling out video applications, but most of the time security is an afterthought with these rollouts.  We’re trying to create the education and awareness here of new video attack paths that can happen.  With these new tools, VoIP owners and security professionals can test the security of their networks, in order to understand these risks, and make a decision as to whether it’s a risk they are willing to accept, or apply the requisite security controls.  Along the way in developing these new tools, we have found a couple of new video applications that are being used for businesses in real-world examples.   For more details on our talk, see the DefCon abstract:

https://www.defcon.org/html/defcon-17/dc-17-speakers.html#Ostrom

In this talk, for the first time, we’ll be unveiling UCSniff IP Video eavesdropping to the world.  UCSniff is the first security tool that can test the security of an IP network for video eavesdropping and reconstruction of video media into an AVI file container, that can be stored and viewed by an attacker.  This version of UCSniff will be 3.0, a windows port of the code.  We are using the JUCE GUI Libraries to develop the UCSniff GUI.

We’ll also be unveiling VideoJak, an IP Video interception and replay DoS tool.  This tool will be revealed for the first time to the world with some new attacks against IP video surveillance and IP video phones.

VideoJak and UCSniff can now be followed on Twitter.  Check out the pages for both of them:

http://twitter.com/ucsniff

http://twitter.com/videojak

Finally, here is a little teaser for the look and feel of the new UCSniff 3.0 GUI.  ACE is a small program that steals the VoIP corporate directory in Cisco UCM environments.  We are nearly complete with building the ACE application on Windows.   Here it is:

Ace in action

Ace in action

Posted in Speaking Events | No Comments »

VIPER Live DVD VAST Release

Monday, June 15th, 2009

Greetings,

I am the newest addition to the VIPER team.  My name is Mike Jones and I’m the Senior Security Consultant under Jason Ostrom.  I have been working on a Linux distribution that penetration testers can utilize in their VoIP testing and have come up with VAST (VIPER Assessment Security Tools).
VIPER tools included:

-UCSniff
-VideoJak
-ACE
-VoipHopper

This distribution will be a vital part of any VoIP penetration tester’s arsenal.  The tools included on the dvd are an important part of VIPER assessments.  Along with the VoIP tools, it will also include basic penetration testing tools such as NMAP and the password brute force application, Hydra.  VIPER will be constantly adding more features such as an open source PBX, sipXecs, and other network penetration tools and vulnerability scanners.  VIPER is also providing a class which will cover VoIP assessment methodology and tool usage. There will also be a lab portion of the training where students will have the chance to use the tools in a simulated corporate environment just as they would encounter in a VoIP vulnerability assessment.

VAST is built on Ubuntu 9.04 framework and has the option to install to a hard drive or USB.

Posted in Uncategorized | No Comments »