svmap - scanner that searches for SIP devices on a given
network
svmap [options] host1 host2 hostrange
svmap is a sip scanner. When launched against ranges of ip address
space, it will identify any SIP servers which it finds on the way.
examples:
svmap.py 10.0.0.1-10.0.0.255 172.16.131.1 sipvicious.org/22
10.0.1.1/241.1.1.1-20 1.1.2-20.* 4.1.*.*
svmap.py -s session1 --randomize 10.0.0.1/8
svmap.py --resume session1 -v
svmap.py -p5060-5062 10.0.0.3-20 -m INVITE
- --version
- show program's version number and exit
- -h, --help
- show this help message and exit
- -v, --verbose
- Increase verbosity
- -q, --quiet
- Quiet mode
- -p PORT,
--port=PORT
- Destination port or port ranges of the SIP device - eg
-p5060,5061,8000-8100
- -P PORT,
--localport=PORT
- Source port for our packets
- -x IP,
--externalip=IP
- IP Address to use as the external ip. Specify this if you have multiple
interfaces or if you are behind NAT
- -b BINDINGIP,
--bindingip=BINDINGIP
- By default we bind to all interfaces. This option overrides that and binds
to the specified ip address
- -t SELECTTIME,
--timeout=SELECTTIME
- This option allows you to trottle the speed at which packets are sent.
Change this if you're losing packets. For example try 0.5.
- -R,
--reportback
- Send the author an exception traceback. Currently sends the command line
parameters and the traceback
- -A,
--autogetip
- Automatically get the current IP address. This is useful when you are not
getting any responses back due to SIPVicious not resolving your local
IP.
- -s NAME,
--save=NAME
- save the session. Has the benefit of allowing you to resume a previous
scan and allows you to export scans
- --resume=NAME
- resume a previous scan
- -c,
--enablecompact
- enable compact mode. Makes packets smaller but possibly less
compatible
- --randomscan
- Scan random IP addresses
- -i scan1,
--input=scan1
- Scan IPs which were found in a previous scan. Pass the session name as the
argument
- -I scan1,
--inputtext=scan1
- Scan IPs from a text file - use the same syntax as command line but with
new lines instead of commas. Pass the file name as the argument
- -m METHOD,
--method=METHOD
- Specify the request method - by default this is OPTIONS.
- -d, --debug
- Print SIP messages received
- --first=FIRST
- Only send the first given number of messages (i.e. usually used to scan
only X IPs)
- -e EXTENSION,
--extension=EXTENSION
- Specify an extension - by default this is not set
- --randomize
- Randomize scanning instead of scanning consecutive ip addresses
- --srv
- Scan the SRV records for SIP on the destination domain name.The targets
have to be domain names - example.org domain1.com
- --fromname=FROMNAME
- specify a name for the from header
- SIPvicious SIP scanner searches for SIP devices on a given network
Copyright (C) 2012 Sandro Gauci <sandro@enablesecurity.com>
- This program is free software: you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by the Free
Software Foundation, either version 3 of the License, or (at your option)
any later version.
- This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
for more details.
- You should have received a copy of the GNU General Public License along
with this program. If not, see <http://www.gnu.org/licenses/>.
The full documentation for svmap.py is maintained as a
Texinfo manual. If the info and svmap.py programs are properly
installed at your site, the command
- info svmap.py
should give you access to the complete manual.