-
-
Save gagarine/1101711 to your computer and use it in GitHub Desktop.
arcor/vodafone won't give you your sip password for free, but i will: capture an incoming call (WAN VC2) with the diagnostic tool in your easybox, load the .cap file in wireshark and search for SIP/SDP Request:INVITE, Message Header -> Proxy-Authorization
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env perl | |
| use strict; | |
| use warnings; | |
| use Digest::MD5 'md5_hex'; | |
| print_usage() unless($#ARGV==5); | |
| my ($method, $uri, $user, $realm, $nonce, $response) = @ARGV; | |
| my $hash_method_uri = md5_hex(join(':', $method, $uri)); | |
| my $passwd = 0; | |
| while($passwd < 100000000) { # arcor/vodafone sip passwords consists of 8 digets | |
| my $calc_response = md5_hex(join(':', | |
| md5_hex(join(':', | |
| $user, | |
| $realm, | |
| $passwd)), | |
| $nonce, | |
| $hash_method_uri)); | |
| if($calc_response eq $response) { | |
| print "password found: $passwd\n"; | |
| exit; | |
| } | |
| $passwd++; | |
| } | |
| print "password not found :-(\n"; | |
| sub print_usage { | |
| print <<"USAGE"; | |
| ./$0 <method> <uri> <user> <realm> <nonce> <response> | |
| ./$0 INVITE sip:12345\@bar.baz 0123456789 bar.baz 1234567890abcdef1234567890abcdef12345678 1234567890abcdef1234567890abcdef | |
| USAGE | |
| exit; | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment