Description: One of the major security issues concerning PBX servers is the use of weak or predictable passwords. When the PBX is available over the network, fraudsters can try to guess the usernames and passwords by making use of freely available tools. In this demonstration, a tool called sipautohack (part of VOIPPACK) is used find out which IP PBX servers are on a target network. Then it proceeds with enumerating phone extensions on each IP PBX found and tries to guess weak passwords.
Tags: tools ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.