![]() SIP/2.0 407 Proxy Authentication Required ![]() The realm value of the `Proxy-Authenticate` header is set to the domain of the target gateway, in our case ``: The malicious UAC will then challenge the BYE request by sending a specially crafted 407 response. Reason: Q.850 cause=16 text="NORMAL_CLEARING" ![]() Once the callee or mailbox hangs up the call, FreeSWITCH will send a BYE request to the malicious UAC: Remote-Party-ID: "1002" party=calling privacy=off screen=no User-Agent: FreeSWITCH-mod_sofia/1.10.7-dev+git~20210325T155256Z~67cec5c3e8~64bitĪllow: INVITE, ACK, BYE, CANCEL, OPTIONS, MESSAGE, INFO, UPDATE, REGISTER, REFER, NOTIFYĪllow-Events: talk, hold, conference, refer The call is either manually picked up by the callee, or automatically by its mailbox: In this example, extension 1001 is calling extension 1002: ![]() The malicious UAC initiates the attack by sending an INVITE to FreeSWITCH. Change Mirror Download # FreeSWITCH vulnerable to SIP digest leak for configured gateways ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |