File tree Expand file tree Collapse file tree 2 files changed +31
-0
lines changed
content/posts/2025/dtls-hello-attack Expand file tree Collapse file tree 2 files changed +31
-0
lines changed Original file line number Diff line number Diff line change 1+ ---
2+ title : " SIP安全 - DTLS client Hello 攻击白皮书"
3+ date : " 2025-07-14 23:13:23"
4+ draft : false
5+ type : posts
6+ tags :
7+ - SIP
8+ - SIP攻击
9+ - SIP安全
10+ categories :
11+ - all
12+ ---
13+
14+ # TL;DR
15+ - 攻击者伪造DTLS ClientHello消息,在SIP服务器和客户端之间建立一个非预期的连接。导致正常链接被阻断。
16+
17+ # 影响
18+ - FreeSWITCH
19+ - RTPengine
20+
21+ # 漏洞白皮书
22+
23+ [ webrtc-hello-race-conditions-paper] ( ./webrtc-hello-race-conditions-paper.pdf )
24+
25+ # 造成影响
26+ - 应答后呼叫无声
27+
28+ # 参考
29+ - https://github.com/EnableSecurity/advisories/tree/master/ES2023-03-rtpengine-dtls-hello-race
30+ - https://github.com/EnableSecurity/advisories/tree/master/ES2023-02-freeswitch-dtls-hello-race
31+ - https://github.com/EnableSecurity/advisories/tree/master/ES2023-03-rtpengine-dtls-hello-race
You can’t perform that action at this time.
0 commit comments