WarVOX- VoIP Tools From Metasploit Founder

[tonybradley]

The founder of Metasploit, HD Moore, has released a new set of tools for voice security research and penetration testing- WarVOX. Metasploit has been around for a few years and has offered security administrators and researchers a powerful and comprehensive exploit generation and penetration testing platform that is freely available. Now, HD Moore has taken that same concept or basic goal and delivered the WarVOX suite of security tools for exploring, classifying, and auditing telephone systems.

WarVOX can be used to conduct reconnaisance and penetration testing of voice networks. It is a war-dialing tool, among other things, but a war-dialing tool with a broader approach. According to the WarVOX site "Unlike normal wardialing tools, WarVOX works with the actual audio from each call and does not use a modem directly. This model allows WarVOX to find and classify a wide range of interesting lines, including modems, faxes, voice mail boxes, PBXs, loops, dial tones, IVRs, and forwarders. WarVOX provides the unique ability to classify all telephone lines in a given range, not just those connected to modems, allowing for a comprehensive audit of a telephone system."

I have downloaded the WarVOX installation and plan to play around with it. Metasploit has earned a great deal of respect in the general security research arena, so I expect good things from WarVOX as well. You can check out this presentation to learn more about WarVOX and how and why it was developed.

http://www.evangelyze.net/cs/blogs/t...n-testing.aspx

[thehorse13]

I have downloaded the tool and installed it on Ubuntu.

Here is what I have learned. First, after following the directions I found that two things were missing in my install that were not mentioned in the install guide. SSL tools for RUby 8.1 and a devel package for mongrel. I deduced this through compiler errors when executing the commands. Once I had these things worked out, WARVOX came to life. I have not yet paid for a voIP provoder to actually run the tool but I have looked over the screen shot results. Unlike ModemScan, I didn't see any of the login prompts that are returned to the tool like a traditional war dialer. I'm wondering if this ability actually exists within the tool and just isn't screen shotted.

If someone pays a provider to actually run scans, I'd love to know the cost and if the scanner lives up to the benefits.

--TH13