Fri, 25 Aug 2006
ohrwurm-0.1 - an RTP fuzzer
ohrwurm is a small and simple RTP fuzzer, I tested it on a small number of SIP phones, none of them did withstand.
- reads SIP messages to get information of the RTP port numbers
- reading SIP can be omitted by providing the RTP port numbers, sothat any RTP traffic can be fuzzed
- RTCP traffic can be suppressed to avoid that codecs learn about the "noisy line"
- special care is taken to break RTP handling itself
- the RTP payload is fuzzed with a constant BER
- the BER is configurable
- requires arpspoof from dsniff to do the MITM attack
- requires both phones to be in a switched LAN (GW operation only works partially)
Send feedback on anything ohrwurm broke to ohrwurm/at/mazzoo/dot/de, even if it
was a famous packet sniffer ;)
Re: Tool Usage
I am planning to use ohrwurm tool to test the SIP phones. In your blog, you have mentioned that the SIP phones have to be in the same lan and also you have mentioned that the Gateway functionality works partially. In my topology, I have set up a Router that acts as a Gateway and the Attacker is present between the Call originator and the Gatway.
Originator --- Gateway (router) --- Call Terminator
I have tested and found out that attacker succesfully sniffs the packets going between originator and the gateway. Since i have spoofed the gateway and the originator to believe in the Attacker. My question is will ohrwurm tool successfully fuzz RTP packets between orginator and terminator even though they are not in the same lan ??
Could you change the blue color of this site ????
Hi, are you going to be updating this tool, or have you stopped developing it. Thanks.
Mark, the tool is perfect, no need to develop :P
no, but seriously . what is missing?
Nothing in particular, I was just looking through the code and noticed some FIXMEs so I wondered if you were still actively working on it since I saw no updates since 2006. Thanks :)