Skip to content

SIP protocol #410

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 4 commits into
base: main
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 5 additions & 0 deletions .golangci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -101,6 +101,11 @@ linters:
- staticcheck
path: cli/commandline_test.go
text: SA1019
- linters:
- gocognit
- gocyclo
- cyclop
path: protocol/sip/helper_test.go
paths:
- protocol/mikrotik/msg.go
- third_party$
Expand Down
5 changes: 5 additions & 0 deletions go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@ go 1.24.1
require (
github.com/Masterminds/semver v1.5.0
github.com/antchfx/htmlquery v1.3.4
github.com/emiago/sipgo v0.33.0
github.com/lor00x/goldap v0.0.0-20240304151906-8d785c64d1c8
github.com/vjeantet/ldapserver v1.0.2-0.20240305064909-a417792e2906
golang.org/x/crypto v0.40.0
Expand All @@ -16,8 +17,12 @@ require (
require (
github.com/antchfx/xpath v1.3.3 // indirect
github.com/dustin/go-humanize v1.0.1 // indirect
github.com/gobwas/httphead v0.1.0 // indirect
github.com/gobwas/pool v0.2.1 // indirect
github.com/gobwas/ws v1.3.2 // indirect
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
github.com/google/uuid v1.6.0 // indirect
github.com/icholy/digest v1.1.0 // indirect
github.com/mattn/go-isatty v0.0.20 // indirect
github.com/ncruces/go-strftime v0.1.9 // indirect
github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec // indirect
Expand Down
21 changes: 21 additions & 0 deletions go.sum
Original file line number Diff line number Diff line change
Expand Up @@ -4,24 +4,41 @@ github.com/antchfx/htmlquery v1.3.4 h1:Isd0srPkni2iNTWCwVj/72t7uCphFeor5Q8nCzj1j
github.com/antchfx/htmlquery v1.3.4/go.mod h1:K9os0BwIEmLAvTqaNSua8tXLWRWZpocZIH73OzWQbwM=
github.com/antchfx/xpath v1.3.3 h1:tmuPQa1Uye0Ym1Zn65vxPgfltWb/Lxu2jeqIGteJSRs=
github.com/antchfx/xpath v1.3.3/go.mod h1:i54GszH55fYfBmoZXapTHN8T8tkcHfRgLyVwwqzXNcs=
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/dustin/go-humanize v1.0.1 h1:GzkhY7T5VNhEkwH0PVJgjz+fX1rhBrR7pRT3mDkpeCY=
github.com/dustin/go-humanize v1.0.1/go.mod h1:Mu1zIs6XwVuF/gI1OepvI0qD18qycQx+mFykh5fBlto=
github.com/emiago/sipgo v0.33.0 h1:UxPKCoPREffSjrRE6oesG/RPz5/ZSp8tA8Jc6YvYUsk=
github.com/emiago/sipgo v0.33.0/go.mod h1:gbOLw/kZHZ3wS/5PIa9qVjpdil/IKLdigbZFIYFpHTs=
github.com/gobwas/httphead v0.1.0 h1:exrUm0f4YX0L7EBwZHuCF4GDp8aJfVeBrlLQrs6NqWU=
github.com/gobwas/httphead v0.1.0/go.mod h1:O/RXo79gxV8G+RqlR/otEwx4Q36zl9rqC5u12GKvMCM=
github.com/gobwas/pool v0.2.1 h1:xfeeEhW7pwmX8nuLVlqbzVc7udMDrwetjEv+TZIz1og=
github.com/gobwas/pool v0.2.1/go.mod h1:q8bcK0KcYlCgd9e7WYLm9LpyS+YeLd8JVDW6WezmKEw=
github.com/gobwas/ws v1.3.2 h1:zlnbNHxumkRvfPWgfXu8RBwyNR1x8wh9cf5PTOCqs9Q=
github.com/gobwas/ws v1.3.2/go.mod h1:hRKAFb8wOxFROYNsT1bqfWnhX+b5MFeJM9r2ZSwg/KY=
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE=
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
github.com/google/pprof v0.0.0-20250317173921-a4b03ec1a45e h1:ijClszYn+mADRFY17kjQEVQ1XRhq2/JR1M3sGqeJoxs=
github.com/google/pprof v0.0.0-20250317173921-a4b03ec1a45e/go.mod h1:boTsfXsheKC2y+lKOCMpSfarhxDeIzfZG1jqGcPl3cA=
github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
github.com/icholy/digest v1.1.0 h1:HfGg9Irj7i+IX1o1QAmPfIBNu/Q5A5Tu3n/MED9k9H4=
github.com/icholy/digest v1.1.0/go.mod h1:QNrsSGQ5v7v9cReDI0+eyjsXGUoRSUZQHeQ5C4XLa0Y=
github.com/lor00x/goldap v0.0.0-20180618054307-a546dffdd1a3/go.mod h1:37YR9jabpiIxsb8X9VCIx8qFOjTDIIrIHHODa8C4gz0=
github.com/lor00x/goldap v0.0.0-20240304151906-8d785c64d1c8 h1:z9RDOBcFcf3f2hSfKuoM3/FmJpt8M+w0fOy4wKneBmc=
github.com/lor00x/goldap v0.0.0-20240304151906-8d785c64d1c8/go.mod h1:37YR9jabpiIxsb8X9VCIx8qFOjTDIIrIHHODa8C4gz0=
github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
github.com/ncruces/go-strftime v0.1.9 h1:bY0MQC28UADQmHmaF5dgpLmImcShSi2kHU9XLdhx/f4=
github.com/ncruces/go-strftime v0.1.9/go.mod h1:Fwc5htZGVVkseilnfgOVb9mKy6w1naJmn9CehxcKcls=
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec h1:W09IVJc94icq4NjY3clb7Lk8O1qJ8BdBEF8z0ibU0rE=
github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo=
github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
github.com/vjeantet/ldapserver v1.0.2-0.20240305064909-a417792e2906 h1:qHFp1iRg6qE8xYel3bQT9x70pyxsdPLbJnM40HG3Oig=
github.com/vjeantet/ldapserver v1.0.2-0.20240305064909-a417792e2906/go.mod h1:YvUqhu5vYhmbcLReMLrm/Tq3S7Yj43kSVFvvol6Lh6k=
github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
Expand Down Expand Up @@ -105,6 +122,10 @@ golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxb
golang.org/x/tools v0.34.0 h1:qIpSLOxeCYGg9TrcJokLBG4KFA6d795g0xkBkiESGlo=
golang.org/x/tools v0.34.0/go.mod h1:pAP9OwEaY1CAW3HOmg3hLZC5Z0CCmzjAF2UQMSqNARg=
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
gotest.tools/v3 v3.5.1 h1:EENdUnS3pdur5nybKYIh2Vfgc8IUNBjxDPSjtiJcOzU=
gotest.tools/v3 v3.5.1/go.mod h1:isy3WKz7GK6uNw/sbHzfKBLvlvXwUyV06n6brMxxopU=
modernc.org/cc/v4 v4.26.1 h1:+X5NtzVBn0KgsBCBe+xkDC7twLb/jNVj9FPgiwSQO3s=
modernc.org/cc/v4 v4.26.1/go.mod h1:uVtb5OGqUKpoLWhqwNQo/8LwvoiEBLvZXIQ/SmO6mL0=
modernc.org/ccgo/v4 v4.28.0 h1:rjznn6WWehKq7dG4JtLRKxb52Ecv8OUGah8+Z/SfpNU=
Expand Down
13 changes: 13 additions & 0 deletions protocol/sip/examples/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
# SIP examples

## Usage

Start the local Asterisk server and run a example.

```sh
cd protocol/sip/examples
docker compose up -d
go run ping/main.go
# go run tcp/main.go
# go run call/main.go
```
111 changes: 111 additions & 0 deletions protocol/sip/examples/call/main.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,111 @@
// This example registers an endpoint (user authentication) in a server
// and starts a call (only the SIP related part).
package main

import (
sipgo "github.com/emiago/sipgo/sip"
"github.com/icholy/digest"
"github.com/vulncheck-oss/go-exploit/output"
"github.com/vulncheck-oss/go-exploit/protocol"
"github.com/vulncheck-oss/go-exploit/protocol/sip"
)

const (
host = "127.0.0.1"
fromUser = "john.doe"
pass = "password"
toUser = "dembele"
)

func main() {
port := sip.DefaultPorts[sip.UDP]
conn, ok := protocol.UDPConnect(host, port)
if !ok {
output.PrintfFrameworkError("Connecting to server %s:%d", host, port)

return
}
defer conn.Close()
reqOpts := sip.NewSipRequestOpts{
Port: port,
User: fromUser,
ToUser: fromUser,
}
req, ok := sip.NewSipRequest(sipgo.REGISTER, host, &reqOpts)
if !ok {
output.PrintfFrameworkError("Creating REGISTER request to %s with options %+v", host, reqOpts)

return
}
resp, ok := sip.SendAndReceiveUDP(conn, req)
if !ok {
output.PrintfFrameworkError("Sending REGISTER request %s", req.String())

return
}
if resp.StatusCode != sipgo.StatusUnauthorized {
output.PrintfFrameworkError("Unexpected response %d (%s) to REGISTER request", resp.StatusCode, resp.Reason)

return
}
wwwAuth := resp.GetHeader("WWW-Authenticate")
chal, err := digest.ParseChallenge(wwwAuth.Value())
if err != nil {
output.PrintfFrameworkError("Parsing WWW-Authenticate header: %s", err)

return
}
cred, _ := digest.Digest(chal, digest.Options{
Method: req.Method.String(),
URI: host,
Username: fromUser,
Password: pass,
})
newReq := req.Clone()
authHeader := sipgo.NewHeader("Authorization", cred.String())
newReq.AppendHeader(authHeader)
cseqHeader := sipgo.CSeqHeader{SeqNo: uint32(2), MethodName: sipgo.REGISTER}
newReq.ReplaceHeader(&cseqHeader)
resp, ok = sip.SendAndReceiveUDP(conn, newReq)
if !ok {
output.PrintfFrameworkError("Sending REGISTER request with Authorization header %s", newReq.String())

return
}
if resp.StatusCode != sipgo.StatusOK {
output.PrintfFrameworkError("Unexpected response %d (%s) to REGISTER request with Authorization header", resp.StatusCode, resp.Reason)

return
}
reqOpts = sip.NewSipRequestOpts{
Port: port,
ToUser: toUser,
User: fromUser,
}
req, ok = sip.NewSipRequest(sipgo.INVITE, host, &reqOpts)
if !ok {
output.PrintfFrameworkError("Creating INVITE request to %s with options %+v", host, reqOpts)

return
}
cred, _ = digest.Digest(chal, digest.Options{
Method: sipgo.INVITE.String(),
URI: host,
Username: fromUser,
Password: pass,
})
authHeader = sipgo.NewHeader("Authorization", cred.String())
req.AppendHeader(authHeader)
resp, ok = sip.SendAndReceiveUDP(conn, req)
if !ok {
output.PrintfFrameworkError("Sending INVITE request %s", req.String())

return
}
// Not found is expected here, as we are not actually calling a real user.
if resp.StatusCode == sipgo.StatusNotFound {
output.PrintfFrameworkSuccess("Response (INVITE): %s", resp.String())
} else {
output.PrintfFrameworkError("Unexpected response (INVITE): %s", resp.String())
}
}
15 changes: 15 additions & 0 deletions protocol/sip/examples/docker-compose.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
name: go-exploit-examples

services:
asterisk:
image: mlan/asterisk
network_mode: bridge # For testing
cap_add:
- sys_ptrace # For testing
ports:
- "5060:5060/udp" # SIP UDP
- "5060:5060" # SIP TCP
- "5061:5061" # SIP TLS
- "10000-10099:10000-10099/udp" # RTP
environment:
- HOSTNAME=asterisk.${DOMAIN-docker.localhost}
47 changes: 47 additions & 0 deletions protocol/sip/examples/ping/main.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,47 @@
// This example checks if a UDP server is up.
//
// The OPTION method is used to discover the server capabilities:
// - https://datatracker.ietf.org/doc/html/rfc3261#section-11
package main

import (
sipgo "github.com/emiago/sipgo/sip"
"github.com/vulncheck-oss/go-exploit/output"
"github.com/vulncheck-oss/go-exploit/protocol"
"github.com/vulncheck-oss/go-exploit/protocol/sip"
)

const (
host = "127.0.0.1"
// Most of the times the servers answer without them.
fromUser = "bob"
toUser = "alice"
)

func main() {
port := sip.DefaultPorts[sip.UDP]
conn, ok := protocol.UDPConnect(host, port)
if !ok {
output.PrintfFrameworkError("Connecting to server %s:%d", host, port)

return
}
defer conn.Close()
reqOpts := sip.NewSipRequestOpts{
Port: port,
ToUser: toUser,
User: fromUser,
}
req, ok := sip.NewSipRequest(sipgo.OPTIONS, host, &reqOpts)
if !ok {
output.PrintfFrameworkError("Creating request to %s with options %+v", host, reqOpts)

return
}
resp, ok := sip.SendAndReceiveUDP(conn, req)
if ok {
output.PrintfFrameworkSuccess("Server is up, response: %s", resp.String())
} else {
output.PrintfFrameworkError("Sending request %s", req.String())
}
}
45 changes: 45 additions & 0 deletions protocol/sip/examples/tcp/main.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,45 @@
// This example sends an OPTIONS request over TCP (or TLS).
package main

import (
sipgo "github.com/emiago/sipgo/sip"
"github.com/vulncheck-oss/go-exploit/output"
"github.com/vulncheck-oss/go-exploit/protocol"
"github.com/vulncheck-oss/go-exploit/protocol/sip"
)

const (
host = "127.0.0.1"
useTLS = true
)

func main() {
transport := sip.TCP
if useTLS {
transport = sip.TLS
}
port := sip.DefaultPorts[transport]
conn, ok := protocol.MixedConnect(host, port, useTLS)
if !ok {
output.PrintfFrameworkError("Connecting to server %s:%d", host, port)

return
}
defer conn.Close()
reqOpts := sip.NewSipRequestOpts{
Port: port,
Transport: transport,
}
req, ok := sip.NewSipRequest(sipgo.OPTIONS, host, &reqOpts)
if !ok {
output.PrintfFrameworkError("Creating request to %s with options %+v", host, reqOpts)

return
}
resp, ok := sip.SendAndReceiveTCP(conn, req)
if ok {
output.PrintfFrameworkSuccess("Response: %s", resp.String())
} else {
output.PrintfFrameworkError("Sending request %s", req.String())
}
}
Loading