{"id":4461,"date":"2010-07-27T20:13:15","date_gmt":"2010-07-27T18:13:15","guid":{"rendered":"http:\/\/www.corelan.be:8800\/?p=4461"},"modified":"2010-07-27T20:13:15","modified_gmt":"2010-07-27T18:13:15","slug":"cisco-voip-phones-a-hackers-perspective","status":"publish","type":"post","link":"https:\/\/www.corelan.be\/index.php\/2010\/07\/27\/cisco-voip-phones-a-hackers-perspective\/","title":{"rendered":"Cisco VoIP Phones – A Hackers Perspective"},"content":{"rendered":"

\"ciscophones\"<\/a> Introduction<\/h4>\n
In the world of VoIP phones, each person may look at them differently. For some, an annoyance that sit on their desk, or maybe for some it is simply a part of their job either deploying them or as a help desk position taking phone calls all day. This could even go as far as some people that just use them on a daily basis at home or in a lobby. But what about in a professional Penetration Tester\u2019s mind? What kind of simple yet sensitive information are we leaving out in the open for malicious users?<\/div>\n
\n

VoIP security is important to understand what vulnerabilities we may be leaving out in the open just waiting for malicious people to crawl our network by gaining information from these VoIP phones. Here presented a document about Cisco VoIP Phones and what an attacker may be looking for, what information they may gain by using these VoIP phones as their target, and ending this document with an example case study utilizing UCSniff on a VoIP network capturing VoIP conversations!<\/p>\n

Contents<\/h4>\n