131 lines
4.2 KiB
Groff
131 lines
4.2 KiB
Groff
|
.TH SVWAR.PY "1" "June 2020" "svwar.py v0.3.4" "User Commands"
|
||
|
|
.SH NAME
|
||
|
|
svwar.py \- manual page for svwar.py v0.3.4
|
||
|
|
.SH SYNOPSIS
|
||
|
|
.B svwar.py
|
||
|
|
[\fIoptions\fR] \fItarget\fR
|
||
|
|
.SH DESCRIPTION
|
||
|
|
examples:
|
||
|
|
svwar.py \fB\-e100\-999\fR udp://10.0.0.1:5080
|
||
|
|
svwar.py \fB\-d\fR dictionary.txt 10.0.0.2
|
||
|
|
.SH OPTIONS
|
||
|
|
.TP
|
||
|
|
\fB\-\-version\fR
|
||
|
|
show program's version number and exit
|
||
|
|
.TP
|
||
|
|
\fB\-h\fR, \fB\-\-help\fR
|
||
|
|
show this help message and exit
|
||
|
|
.TP
|
||
|
|
\fB\-v\fR, \fB\-\-verbose\fR
|
||
|
|
Increase verbosity
|
||
|
|
.TP
|
||
|
|
\fB\-q\fR, \fB\-\-quiet\fR
|
||
|
|
Quiet mode
|
||
|
|
.TP
|
||
|
|
\fB\-p\fR PORT, \fB\-\-port\fR=\fIPORT\fR
|
||
|
|
Destination port or port ranges of the SIP device \- eg
|
||
|
|
\fB\-p5060\fR,5061,8000\-8100
|
||
|
|
.TP
|
||
|
|
\fB\-P\fR PORT, \fB\-\-localport\fR=\fIPORT\fR
|
||
|
|
Source port for our packets
|
||
|
|
.TP
|
||
|
|
\fB\-x\fR IP, \fB\-\-externalip\fR=\fIIP\fR
|
||
|
|
IP Address to use as the external ip. Specify this if
|
||
|
|
you have multiple interfaces or if you are behind NAT
|
||
|
|
.TP
|
||
|
|
\fB\-b\fR BINDINGIP, \fB\-\-bindingip\fR=\fIBINDINGIP\fR
|
||
|
|
By default we bind to all interfaces. This option
|
||
|
|
overrides that and binds to the specified ip address
|
||
|
|
.TP
|
||
|
|
\fB\-t\fR SELECTTIME, \fB\-\-timeout\fR=\fISELECTTIME\fR
|
||
|
|
This option allows you to trottle the speed at which
|
||
|
|
packets are sent. Change this if you're losing
|
||
|
|
packets. For example try 0.5.
|
||
|
|
.TP
|
||
|
|
\fB\-R\fR, \fB\-\-reportback\fR
|
||
|
|
Send the author an exception traceback. Currently
|
||
|
|
sends the command line parameters and the traceback
|
||
|
|
.TP
|
||
|
|
\fB\-A\fR, \fB\-\-autogetip\fR
|
||
|
|
Automatically get the current IP address. This is
|
||
|
|
useful when you are not getting any responses back due
|
||
|
|
to SIPVicious not resolving your local IP.
|
||
|
|
.TP
|
||
|
|
\fB\-s\fR NAME, \fB\-\-save\fR=\fINAME\fR
|
||
|
|
save the session. Has the benefit of allowing you to
|
||
|
|
resume a previous scan and allows you to export scans
|
||
|
|
.TP
|
||
|
|
\fB\-\-resume\fR=\fINAME\fR
|
||
|
|
resume a previous scan
|
||
|
|
.TP
|
||
|
|
\fB\-c\fR, \fB\-\-enablecompact\fR
|
||
|
|
enable compact mode. Makes packets smaller but
|
||
|
|
possibly less compatible
|
||
|
|
.TP
|
||
|
|
\fB\-d\fR DICTIONARY, \fB\-\-dictionary\fR=\fIDICTIONARY\fR
|
||
|
|
specify a dictionary file with possible extension
|
||
|
|
names or - for stdin
|
||
|
|
.TP
|
||
|
|
\fB\-m\fR OPTIONS, \fB\-\-method\fR=\fIOPTIONS\fR
|
||
|
|
specify a request method. The default is REGISTER.
|
||
|
|
Other possible methods are OPTIONS and INVITE
|
||
|
|
.TP
|
||
|
|
\fB\-e\fR RANGE, \fB\-\-extensions\fR=\fIRANGE\fR
|
||
|
|
specify an extension or extension range example: \fB\-e\fR
|
||
|
|
100\-999,1000\-1500,9999
|
||
|
|
.TP
|
||
|
|
\fB\-z\fR PADDING, \fB\-\-zeropadding\fR=\fIPADDING\fR
|
||
|
|
the number of zeros used to padd the username.
|
||
|
|
the options "\-e 1\-9999 \fB\-z\fR 4" would give 0001 0002 0003
|
||
|
|
\&... 9999
|
||
|
|
.TP
|
||
|
|
\fB\-\-force\fR
|
||
|
|
Force scan, ignoring initial sanity checks.
|
||
|
|
.TP
|
||
|
|
\fB\-T\fR TEMPLATE, \fB\-\-template\fR=\fITEMPLATE\fR
|
||
|
|
A format string which allows us to specify a template
|
||
|
|
for the extensions example
|
||
|
|
svwar.py \fB\-e\fR 1\-999 \fB\-\-template=\fR"123%#04i999" would scan
|
||
|
|
between 1230001999 to 1230999999"
|
||
|
|
.TP
|
||
|
|
\fB\-D\fR, \fB\-\-enabledefaults\fR
|
||
|
|
Scan for default / typical extensions such as
|
||
|
|
1000,2000,3000 ... 1100, etc. This option is off by
|
||
|
|
default. Use \fB\-\-enabledefaults\fR to
|
||
|
|
enable this functionality
|
||
|
|
.TP
|
||
|
|
\fB\-\-maximumtime\fR=\fIMAXIMUMTIME\fR
|
||
|
|
Maximum time in seconds to keep sending requests
|
||
|
|
without receiving a response
|
||
|
|
back
|
||
|
|
.TP
|
||
|
|
\fB\-\-domain\fR=\fIDOMAIN\fR
|
||
|
|
force a specific domain name for the SIP message, eg.
|
||
|
|
\fB\-d\fR example.org
|
||
|
|
.TP
|
||
|
|
\fB\-\-debug\fR
|
||
|
|
Print SIP messages received
|
||
|
|
.TP
|
||
|
|
\fB\-6\fR
|
||
|
|
Scan an IPv6 address
|
||
|
|
.IP
|
||
|
|
Sipvicious extension line scanner scans SIP PaBXs for valid extension lines.
|
||
|
|
|
||
|
|
Copyright (C) 2021 Sandro Gauci <sandro@enablesecurity.com>
|
||
|
|
.IP
|
||
|
|
This program is free software: you can redistribute it and/or modify
|
||
|
|
it under the terms of the GNU General Public License as published by
|
||
|
|
the Free Software Foundation, either version 3 of the License, or
|
||
|
|
(at your option) any later version.
|
||
|
|
.IP
|
||
|
|
This program is distributed in the hope that it will be useful,
|
||
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||
|
|
GNU General Public License for more details.
|
||
|
|
.IP
|
||
|
|
You should have received a copy of the GNU General Public License
|
||
|
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||
|
|
.SH "SEE ALSO"
|
||
|
|
The full documentation for
|
||
|
|
.B svwar.py
|
||
|
|
can be found on GitHub at <https://github.com/enablesecurity/sipvicious/wiki>.
|