Created
February 14, 2011 21:49
-
-
Save wose/826624 to your computer and use it in GitHub Desktop.
arcor/vodafone won't give you your sip password for free, but i will: capture an incoming call (WAN VC2) with the diagnostic tool in your easybox, load the .cap file in wireshark and search for SIP/SDP Request:INVITE, Message Header -> Proxy-Authorization
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env perl | |
| use strict; | |
| use warnings; | |
| use Digest::MD5 'md5_hex'; | |
| print_usage() unless($#ARGV==5); | |
| my ($method, $uri, $user, $realm, $nonce, $response) = @ARGV; | |
| my $hash_method_uri = md5_hex(join(':', $method, $uri)); | |
| my $passwd = 0; | |
| while($passwd < 100000000) { # arcor/vodafone sip passwords consists of 8 digets | |
| my $calc_response = md5_hex(join(':', | |
| md5_hex(join(':', | |
| $user, | |
| $realm, | |
| $passwd)), | |
| $nonce, | |
| $hash_method_uri)); | |
| if($calc_response eq $response) { | |
| print "password found: $passwd\n"; | |
| exit; | |
| } | |
| $passwd++; | |
| } | |
| print "password not found :-(\n"; | |
| sub print_usage { | |
| print <<"USAGE"; | |
| ./$0 <method> <uri> <user> <realm> <nonce> <response> | |
| ./$0 INVITE sip:12345\@bar.baz 0123456789 bar.baz 1234567890abcdef1234567890abcdef12345678 1234567890abcdef1234567890abcdef | |
| USAGE | |
| exit; | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hello, Sir, I got the .cap file now. And open the wireshark import this cap file, find SIP/SDP Request:INVITE this line. And may I ask what to do next? How to use your easybox_sip_passwd.pl? I really need your help. Thank you so much!