andQlimax

Reputation: 778

Retrieve SIP / Voip Password from Wi-Fi router

My network operator offers me a VOIP service with free calls included, but it does not provide me the VOIP credentials. So I can use VOIP with the phone connected to their router (which is configured for VOIP), but I can't configure VOIP on my mobile phone, for example.

I have full access to their router with administrator password, I can see VOIP settings: username, server, port, everything except the password which is shown with "******".

So my question is: is there any way to get it?

I tried some passwords based on other passwords that have been given to me by the operator for other services, but no luck; every time I dial a number a voice tells me that the VOIP password is incorrect.

I tried exporting the router configuration to a file, but in the file the password is hashed (not even sure if MD5); I tried online decrypters but no luck.

Any help? :)

Upvotes: 1

Views: 3119

Answers (1)

cnst

Reputation: 27228

SIP uses the authentication protocol also known as HTTP Digest, which uses the MD5 hash function to hash the authentication information together with a nonce from the server in order to avoid replay attacks.

Since you're asking this on StackOverflow, a site for programmers, not reverse engineers, I shall assume that you want to write a workaround app.

So, basically, unless TLS is involved, what you may get away with is creating a sort of a MitM infrastructure which would work as follows:

  1. Your true client and/or intermediary connects to the real server, sees the nonce.

  2. You send the nonce received in the step above to a fake SIP server at home, which you place in front of the VoIP box.

  3. VoIP box connects to your fake server, gets the fresh nonce, hashes authentication information, and sends it back.

  4. Your fake server sends the authentication information it has received back to the real client/intermediary.

  5. The client/intermediary sends it back to the real server, after merely a few roundtrips of a delay. :-)

There might certainly be an easier way to accomplish the above, and the key is that SIP could absolutely legitimately be proxied, as well as a lot of other things to go into. :-) Also, I haven't truly verified that the above is correct with SIP (e.g., whether any sort of session data might get in the way to require or prohibit nonce reuse for subsequent requests as part of the same session), but I think something like that would work.

http://www.site.uottawa.ca/~bob/gradstudents/DigestAuthenticationReport.pdf seems to provide some nice introduction to the topic.

Upvotes: 1
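To make the Digest mechanism the answer refers to concrete, here is an added example (not code from the question, the answer, or any router vendor) of the RFC 2617 computation a SIP client performs and the matching registrar-side check. The registrar issues single-use nonces and rejects a response presented with a nonce it has already consumed, which is the "nonce reuse" caveat the answer raises. The username, realm, password and URI are constructed sample values; the `SipRegistrar` class and `digest_response` function are names chosen for this example.

```python
import hashlib
import hmac
import secrets


def md5_hex(text: str) -> str:
    """MD5 of a UTF-8 string as lowercase hex, as Digest requires."""
    return hashlib.md5(text.encode("utf-8")).hexdigest()


def digest_response(username: str, realm: str, password: str,
                    method: str, uri: str, nonce: str) -> str:
    """RFC 2617 Digest response without qop (the simplest SIP form):
    HA1 = MD5(user:realm:password), HA2 = MD5(method:uri),
    response = MD5(HA1:nonce:HA2). The password itself never leaves
    the client; only this 32-hex-digit value is sent."""
    ha1 = md5_hex(f"{username}:{realm}:{password}")
    ha2 = md5_hex(f"{method}:{uri}")
    return md5_hex(f"{ha1}:{nonce}:{ha2}")


class SipRegistrar:
    """Minimal registrar-side verification for an example SIP REGISTER.

    Keeps the set of nonces it has handed out and treats each as
    single-use, so a captured response cannot simply be replayed.
    """

    def __init__(self, realm: str, credentials: dict):
        self.realm = realm
        # username -> password; constructed sample data for the example
        self.credentials = credentials
        self.outstanding_nonces = set()

    def challenge(self) -> str:
        """Issue a fresh random nonce (what a 401 WWW-Authenticate carries)."""
        nonce = secrets.token_hex(16)
        self.outstanding_nonces.add(nonce)
        return nonce

    def verify(self, username: str, method: str, uri: str,
               nonce: str, response: str) -> bool:
        """Return True only for a correct response to a still-valid nonce."""
        if nonce not in self.outstanding_nonces:
            # Unknown, expired, or already-consumed nonce: reject as replay.
            return False
        self.outstanding_nonces.discard(nonce)  # single use
        password = self.credentials.get(username)
        if password is None:
            return False
        expected = digest_response(username, self.realm, password,
                                   method, uri, nonce)
        # Constant-time comparison avoids leaking timing about the digest.
        return hmac.compare_digest(expected, response)


def demo_exchange() -> dict:
    """Run one REGISTER challenge/response and a replay attempt.

    Returns the outcomes so they can be checked programmatically.
    """
    registrar = SipRegistrar("sip.example.net",
                             {"0123456789": "constructed-sample-secret"})
    uri = "sip:sip.example.net"

    nonce = registrar.challenge()
    good = digest_response("0123456789", "sip.example.net",
                           "constructed-sample-secret", "REGISTER", uri, nonce)
    first = registrar.verify("0123456789", "REGISTER", uri, nonce, good)

    # Presenting the identical response again fails: the nonce was consumed.
    replay = registrar.verify("0123456789", "REGISTER", uri, nonce, good)

    # A guess with the wrong password against a fresh nonce also fails.
    nonce2 = registrar.challenge()
    bad = digest_response("0123456789", "sip.example.net",
                          "wrong-guess", "REGISTER", uri, nonce2)
    wrong = registrar.verify("0123456789", "REGISTER", uri, nonce2, bad)

    return {"first": first, "replay": replay, "wrong_password": wrong,
            "response_len": len(good)}


if __name__ == "__main__":
    print(demo_exchange())
```

The point for the question's situation is visible in `digest_response`: the server only ever needs HA1, so a device can authenticate without the plaintext being sent anywhere, and a wrong guess is indistinguishable from any other failure until the registrar replies. Real SIP stacks usually add `qop=auth`, a client nonce and a nonce count to the hash input; the structure is the same, with more fields concatenated.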
