File sip-brute
Script types:
portrule
Categories:
intrusive, brute
Download: https://svn.nmap.org/nmap/scripts/sip-brute.nse
User Summary
Performs brute force password auditing against Session Initiation Protocol (SIP) accounts. This protocol is most commonly associated with VoIP sessions.
Script Arguments
sip.timeout
See the documentation for the sip library.creds.[service], creds.global
See the documentation for the creds library.brute.credfile, brute.delay, brute.emptypass, brute.firstonly, brute.guesses, brute.mode, brute.passonly, brute.retries, brute.start, brute.threads, brute.unique, brute.useraspass
See the documentation for the brute library.passdb, unpwdb.passlimit, unpwdb.timelimit, unpwdb.userlimit, userdb
See the documentation for the unpwdb library.Example Usage
nmap -sU -p 5060 <target> --script=sip-brute PORT STATE SERVICE 5060/udp open|filtered sip | sip-brute: | Accounts | 1000:password123 => Valid credentials | Statistics |_ Performed 5010 guesses in 3 seconds, average tps: 1670
Requires
Author:
License: Same as Nmap--See https://nmap.org/book/man-legal.html