136 lines
4.4 KiB
Groff
136 lines
4.4 KiB
Groff
.TH SVCRACK.PY "1" "June 2020" "svcrack.py v0.3.4" "User Commands"
|
|
.SH NAME
|
|
svcrack.py \- manual page for svcrack.py v0.3.4
|
|
.SH SYNOPSIS
|
|
.B svcrack.py
|
|
\fI-u username \fR[\fIoptions\fR] \fItarget\fR
|
|
.SH DESCRIPTION
|
|
examples:
|
|
svcrack.py \fB\-u100\fR \fB\-d\fR dictionary.txt udp://10.0.0.1:5080
|
|
svcrack.py \fB\-u100\fR \fB\-r1\-9999\fR \fB\-z4\fR 10.0.0.1
|
|
.SH OPTIONS
|
|
.TP
|
|
\fB\-\-version\fR
|
|
show program's version number and exit
|
|
.TP
|
|
\fB\-h\fR, \fB\-\-help\fR
|
|
show this help message and exit
|
|
.TP
|
|
\fB\-v\fR, \fB\-\-verbose\fR
|
|
Increase verbosity
|
|
.TP
|
|
\fB\-q\fR, \fB\-\-quiet\fR
|
|
Quiet mode
|
|
.TP
|
|
\fB\-p\fR PORT, \fB\-\-port\fR=\fIPORT\fR
|
|
Destination port or port ranges of the SIP device \- eg
|
|
\fB\-p5060\fR,5061,8000\-8100
|
|
.TP
|
|
\fB\-P\fR PORT, \fB\-\-localport\fR=\fIPORT\fR
|
|
Source port for our packets
|
|
.TP
|
|
\fB\-x\fR IP, \fB\-\-externalip\fR=\fIIP\fR
|
|
IP Address to use as the external ip. Specify this if
|
|
you have multiple interfaces or if you are behind NAT
|
|
.TP
|
|
\fB\-b\fR BINDINGIP, \fB\-\-bindingip\fR=\fIBINDINGIP\fR
|
|
By default we bind to all interfaces. This option
|
|
overrides that and binds to the specified ip address
|
|
.TP
|
|
\fB\-t\fR SELECTTIME, \fB\-\-timeout\fR=\fISELECTTIME\fR
|
|
This option allows you to trottle the speed at which
|
|
packets are sent. Change this if you're losing
|
|
packets. For example try 0.5.
|
|
.TP
|
|
\fB\-R\fR, \fB\-\-reportback\fR
|
|
Send the author an exception traceback. Currently
|
|
sends the command line parameters and the traceback
|
|
.TP
|
|
\fB\-A\fR, \fB\-\-autogetip\fR
|
|
Automatically get the current IP address. This is
|
|
useful when you are not getting any responses back due
|
|
to SIPVicious not resolving your local IP.
|
|
.TP
|
|
\fB\-s\fR NAME, \fB\-\-save\fR=\fINAME\fR
|
|
save the session. Has the benefit of allowing you to
|
|
resume a previous scan and allows you to export scans
|
|
.TP
|
|
\fB\-\-resume\fR=\fINAME\fR
|
|
resume a previous scan
|
|
.TP
|
|
\fB\-c\fR, \fB\-\-enablecompact\fR
|
|
enable compact mode. Makes packets smaller but
|
|
possibly less compatible
|
|
.TP
|
|
\fB\-u\fR USERNAME, \fB\-\-username\fR=\fIUSERNAME\fR
|
|
username to try crack
|
|
.TP
|
|
\fB\-d\fR DICTIONARY, \fB\-\-dictionary\fR=\fIDICTIONARY\fR
|
|
specify a dictionary file with passwords or - for stdin
|
|
.TP
|
|
\fB\-r\fR RANGE, \fB\-\-range\fR=\fIRANGE\fR
|
|
specify a range of numbers. example:
|
|
100\-200,300\-310,400
|
|
.TP
|
|
\fB\-e\fR EXTENSION, \fB\-\-extension\fR=\fIEXTENSION\fR
|
|
Extension to crack. Only specify this when the
|
|
extension is different from the username.
|
|
.TP
|
|
\fB\-z\fR PADDING, \fB\-\-zeropadding\fR=\fIPADDING\fR
|
|
the number of zeros used to padd the password.
|
|
the options "\-r 1\-9999 \fB\-z\fR 4" would give 0001 0002 0003
|
|
\&... 9999
|
|
.TP
|
|
\fB\-n\fR, \fB\-\-reusenonce\fR
|
|
Reuse nonce. Some SIP devices don't mind you reusing
|
|
the nonce (making them vulnerable to replay attacks).
|
|
Speeds up the cracking.
|
|
.TP
|
|
\fB\-T\fR TEMPLATE, \fB\-\-template\fR=\fITEMPLATE\fR
|
|
A format string which allows us to specify a template
|
|
for the extensions example
|
|
svwar.py \fB\-e\fR 1\-999 \fB\-\-template=\fR"123%#04i999" would scan
|
|
between 1230001999 to 1230999999"
|
|
.TP
|
|
\fB\-\-maximumtime\fR=\fIMAXIMUMTIME\fR
|
|
Maximum time in seconds to keep sending requests
|
|
without receiving a response
|
|
back
|
|
.TP
|
|
\fB\-D\fR, \fB\-\-enabledefaults\fR
|
|
Scan for default / typical passwords such as
|
|
1000,2000,3000 ... 1100, etc. This option is off by
|
|
default. Use \fB\-\-enabledefaults\fR to
|
|
enable this functionality
|
|
.TP
|
|
\fB\-\-domain\fR=\fIDOMAIN\fR
|
|
force a specific domain name for the SIP message, eg.
|
|
\fB\-d\fR example.org
|
|
.TP
|
|
\fB\-\-requesturi\fR=\fIREQUESTURI\fR
|
|
Force the first line URI to a specific value; e.g. sip:999@example.org
|
|
.TP
|
|
\fB\-6\fR
|
|
Scan an IPv6 address
|
|
.IP
|
|
SIPvicious password cracker is an online password guessing tool for SIP devices.
|
|
|
|
Copyright (C) 2021 Sandro Gauci <sandro@enablesecurity.com>
|
|
.IP
|
|
This program is free software: you can redistribute it and/or modify
|
|
it under the terms of the GNU General Public License as published by
|
|
the Free Software Foundation, either version 3 of the License, or
|
|
(at your option) any later version.
|
|
.IP
|
|
This program is distributed in the hope that it will be useful,
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
GNU General Public License for more details.
|
|
.IP
|
|
You should have received a copy of the GNU General Public License
|
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
.SH "SEE ALSO"
|
|
The full documentation for
|
|
.B svcrack.py
|
|
can be found on GitHub at <https://github.com/enablesecurity/sipvicious/wiki>.
|