Description: The SIP Digest Leak is a vulnerability that affects a large number of SIP Phones, including both hardware and software IP Phones. The vulnerability allows leakage of the Digest authentication response, which is computed from the password. An offline password attack is then possible and can recover most passwords based on the challenge response. This video demonstrates a tool (included with VOIPPACK) that makes demoing this attack an easy task.
Tags: tools ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.