burmat / nathan burchfield

Voice Over IP (VoIP)

Resources

TrustedSec Cisco Hacking - Manual Walkthrough
- https://www.trustedsec.com/blog/seeyoucm-thief-exploiting-common-misconfigurations-in-cisco-phone-systems/
N00py Username Dumping - Manual Walkthrough
- https://www.n00py.io/2022/01/unauthenticated-dumping-of-usernames-via-cisco-unified-call-manager-cucm/
Vartai Security - Practical VoIP Penetration Testing
- https://medium.com/vartai-security/practical-voip-penetration-testing-a1791602e1b4

iCULeak.py

GitHub: https://github.com/llt4l/iCULeak.py

A cool technique for initial AD access during a pentest. Got a Cisco IP Phone nearby? Congrats, you’re (almost) an domain user!

Source Tweet: https://twitter.com/snovvcrash/status/1555542379272323072?s=20&t=d1esgQD98FboqHYBB2bS9w

PreviousAdobe Experience Manager (AEM)NextShodan

Last updated 1 month ago