svcrack.py -u username [options] target
examples: svcrack.py -u100 -d dictionary.txt 10.0.0.1 svcrack.py -u100 -r1-9999 -z4 10.0.0.1
show program's version number and exit
- -h, --help
show this help message and exit
- -v, --verbose
- -q, --quiet
- -p PORT, --port=PORT
Destination port or port ranges of the SIP device - eg -p5060,5061,8000-8100
- -P PORT, --localport=PORT
Source port for our packets
- -x IP, --externalip=IP
IP Address to use as the external ip. Specify this if you have multiple interfaces or if you are behind NAT
- -b BINDINGIP, --bindingip=BINDINGIP
By default we bind to all interfaces. This option overrides that and binds to the specified ip address
- -t SELECTTIME, --timeout=SELECTTIME
This option allows you to trottle the speed at which packets are sent. Change this if you're losing packets. For example try 0.5.
- -R, --reportback
Send the author an exception traceback. Currently sends the command line parameters and the traceback
- -A, --autogetip
Automatically get the current IP address. This is useful when you are not getting any responses back due to SIPVicious not resolving your local IP.
- -s NAME, --save=NAME
save the session. Has the benefit of allowing you to resume a previous scan and allows you to export scans
resume a previous scan
- -c, --enablecompact
enable compact mode. Makes packets smaller but possibly less compatible
- -u USERNAME, --username=USERNAME
username to try crack
- -d DICTIONARY, --dictionary=DICTIONARY
specify a dictionary file with passwords
- -r RANGE, --range=RANGE
specify a range of numbers. example: 100-200,300-310,400
- -e EXTENSION, --extension=EXTENSION
Extension to crack. Only specify this when the extension is different from the username.
- -z PADDING, --zeropadding=PADDING
the number of zeros used to padd the password. the options "-r 1-9999 -z 4" would give 0001 0002 0003 ... 9999
- -n, --reusenonce
Reuse nonce. Some SIP devices don't mind you reusing the nonce (making them vulnerable to replay attacks). Speeds up the cracking.
- -T TEMPLATE, --template=TEMPLATE
A format string which allows us to specify a template for the extensions example svwar.py -e 1-999 --template="123%#04i999" would scan between 1230001999 to 1230999999"
Maximum time in seconds to keep sending requests without receiving a response back
- -D, --enabledefaults
Scan for default / typical passwords such as 1000,2000,3000 ... 1100, etc. This option is off by default. Use --enabledefaults to enable this functionality
force a specific domain name for the SIP message, eg. -d example.org
SIPvicious password cracker is an online password guessing tool for SIP devices Copyright (C) 2012 Sandro Gauci <firstname.lastname@example.org>
This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>.
The full documentation for svcrack.py is maintained as a Texinfo manual. If the info and svcrack.py programs are properly installed at your site, the command
should give you access to the complete manual.