Cisco VoIP Phones – A Hackers Perspective

Corelan Team (chap0) July 27, 2010
This article has 7,485 views
Print Friendly, PDF & Email

ciscophones Introduction

In the world of VoIP phones, each person may look at them differently. For some, an annoyance that sit on their desk, or maybe for some it is simply a part of their job either deploying them or as a help desk position taking phone calls all day. This could even go as far as some people that just use them on a daily basis at home or in a lobby. But what about in a professional Penetration Tester’s mind? What kind of simple yet sensitive information are we leaving out in the open for malicious users?

VoIP security is important to understand what vulnerabilities we may be leaving out in the open just waiting for malicious people to crawl our network by gaining information from these VoIP phones. Here presented a document about Cisco VoIP Phones and what an attacker may be looking for, what information they may gain by using these VoIP phones as their target, and ending this document with an example case study utilizing UCSniff on a VoIP network capturing VoIP conversations!

Contents

  • Intro
  • VoIP Phones - What they advertise
  • Is this line secure?
  • Conclusion
  • References

Download

You can download the paper here :

[download id=63]63[/download]

I hope you found this useful 🙏🏻 🤗


If you got value from this, pass it on to someone who should see it too. 💛
Many thanks in advance!

If you want to learn all ins and outs on exploit development for Windows Userland, in a structured & hands-on way please check out my Corelan training classes. They're high-quality and affordable! And they're the perfect prep to obtain the CCED title.
We're teaching classes all over the world, check out our schedules page for more info.

Are you a student on a tighter budget? Check out ☀️ Corelan Summercamp ☀️!

Of course, if you have any questions about this article, feel free to ask questions in our Discord server.

Follow me on socials!

Have a great day!

- Peter

© Corelan Consulting BV. All rights reserved. ​The contents of this page may not be reproduced, redistributed, or republished, in whole or in part, for commercial or non-commercial purposes without prior written permission from Corelan Consulting bv. See our Terms of Use & Privacy Policy (https://www.corelan.be/index.php/legal) for more details.

Discover more from Corelan | Exploit Development & Vulnerability Research

Subscribe to get the latest posts sent to your email.



Similar/Related posts:

Default ThumbnailFree Tool - Cisco Ironport C350 Safelist / Blocklist merge utility Default ThumbnailCisco switch IOS cheat sheet Default ThumbnailJuniper ScreenOS : defeating iBGP full mesh requirement using route reflectors and confederations Default ThumbnailScript to backup Cisco switches via telnet / tftp

About the author

Tags:

3 thoughts on “Cisco VoIP Phones – A Hackers Perspective”

Comments are closed.