Can’t capture SIP Register packets with Wireshark

Hi everyone,

Since I’m constantly having problems with my company IP phones but my ISP assistance is slow and mostly inefficient, I’m trying to solve the issues on my own. Now I’m replacing the phones provided by the ISP (Alcatel IP150) with some Yealinks.

I’ve asked for VOIP credentials, but they only gave them to me for 1 of the 3 phones, which I configured successfully. So I’m trying to sniff the SIP packages of the other phones to get the passwords.

I know how to search for the password from the MD5 hashes, so that wouldn’t be a problem, but I can’t intercept SIP registering packages with Wireshark. I only get Subscribing packages when I reboot the phones. If I use MicroSip on the same computer I use for Wireshark, I’m able to get the Register package, but for the ISP phone and even the Yealink I’ve installed I can’t. I’ve also tried mirroring all the traffic to my port with the managed switch that’s in between.

The structure of my network is as follows:

ISP IAD -> Managed switch -> then on 3 different ports:

- ISP phone on VLAN
- my Yealink phone not on VLAN
- PC with Wireshark

If I use the PCAP diagnostic inside the Yealink I see the packages, but I don’t have the credentials to log in to the other phones as an admin.

What am I doing wrong? I’d also like to know what part of the process I misunderstand.

Thanks to anyone who will help, have a great day

submitted by /u/Mezcalleena

from hacking: security in practice https://ift.tt/9wgpjVW
