simple VIP interception?
This is not going to be about how can you set up your VIP server. How can you connect different clients on a network to your server?
It is basically on the different options of the very famous and very efficient sniffer device shock that you can use to intercept a call that will be dead inside your network. So this is more of a video that there is already a server a VIP server running inside your network and you can uh you can get the entire call that is being made. So for that, I am running the asterisks over the asterisk PBX server on the backtrack machine.
The Asterix server
I have two lines installed on one of the victims head on Windows XP and the second one on my base Machine Head. I am using the x light line and the server as I recall is the Asterix server. So before it actually demonstrates the entire thing I’m just gonna start the Y shock. Also when you start device shock do remember to run it run it as administrator because in my case when I did not run it as an administrator it was not able to load all the interfaces. So I was not able to capture the data altogether.
All right so I have the Astros running head. I have my extensions my dial 9 configured so that I can create a call from this machine inside my Mac network to the base machine the line that has had. So let me just go ahead and make a call to this machine or let me just try making the default call the welcome call. That is why the extension 1000.
Yes, that plus extension. Okay. So I can listen to that. Now the second connectivity that I want to check is that with that can make the call from this. Windows XP machine to my base machine. So a hundred and one is the extension for that Even that worked.
So now what I need to do is for Chanel obviously need to check the IP address so that accordingly I can capture on a particular interface.
So I just checked the IP address from my backtrack machine Using the simple com. Come on. If config. So we are right now in the one I need you to do 1 6 8 dots 131 subnets so I need to look for that interface. let’s just say. Capture interfaces and. So this is the one. This is the interface we need to capture on. Let me just say start. We do not. Okay. We see some traffic here. So now firstly I’m gonna just try and capture the default call that was made the default. welcome call that was made. Let me just died one by one thousand OVER HERE.
SO NOW IF I GO TO THE WIRE shark I go to telephony and VIP calls. When detected it is detected when we call. Let me just select this. And then we go to the player. That just say decode. And. When I click this right over here. And play
So I can actually listen to the uh default card.
Now the second thing that we’ll try to intercept is when the call is actually being made from this virtual machine to my base machine right here. So let me just dial. One hundred and one that is the extension that I have configured for the uh based machine. All right. So I just say call.
Sniff any of these VoIP calls
There is gonna be a lot of echoes because uh I have the same interface listening for uh both declines. You can see a huge amount of traffic being uh transporter transmitted. Okay. Let me just say end now when it has ended. Let me just uh. Again go to the telephony VIP calls. It says detected three, go to this one first.
Decode It actually has nothing. So let’s go to the next one. Yeah. They are they. Yes they are. We have some. White signals right there. Let’s just play this And this is the part of the noise that we go here. you can basically use a view that the white shark. A simple very efficient sniffer in your network to sniff to sniff any of these VoIP calls.