Presented at
DEF CON China 1.0 (2019),
June 2, 2019, 11 a.m.
(45 minutes)
Leveraging the packet switched network for making phone calls or VoIP has come a long way now. Today, it has already replaced conventional circuit switching based telephones from the large organizations and now moving to capture the non-commercial users. In this talk, we will focus on the traffic analysis based security analysis of SIP and RTP protocols which are one of the most popular protocols for VoIP. These protocols are already gaining new adopters on high rate and also replacing older protocols like H323.
We will discuss VoIPShark open source VoIP Analysis Platform which will allow people to analyze live or stored VoIP traffic, easily decrypt encrypted SRTP stream, perform macro analysis, generate summary specific to VoIP traffic/nodes and export calls/SMS/DTMF in popular user friendly file formats. We will also be releasing VoIPShark collection of Wireshark plugins written in Lua under GPL. VoIPShark is plug-n-play, easy to modify/extend and platform independent in nature. We will also discuss the currently available open source tools for SRTP decryption, their shortcomings and how VoIPShark address those.
Presenters:
-
Ashish Bhangale
- Senior Security Researcher, Pentester Academy
Ashish Bhangale is a Senior Security Researcher at Pentester Academy and Attack Defense. He has 6+ years of experience in Network and Web Application Security. He has also worked with the state law enforcement agencies in the capacity of a Digital Forensics Investigator and was instrumental in solving IT fraud/crime cases. He was responsible for developing and testing the Chigula (WiFi Forensics Framework) and Chellam (First pure WiFi Firewall) frameworks. He has also created and managed multiple projects like Vulnerable Web Application OSes, Vulnerable Router Project and Damn Vulnerable Wordpress. He has presented/published his work at Blackhat, Wireless Village, IoT village and Demo labs (DEFCON). His areas of interest include Forensics, WiFi and AD security.
-
Jeswin Mathai
- Security Researcher, Pentester Academy
Jeswin Mathai is a Researcher at Pentester Academy and Attack Defense. He has published his work at Blackhat Arsenal and Demo labs (DEFCON). He has a Bachelor's degree from IIIT Bhubaneswar. He was the team lead at InfoSec Society IIIT Bhubaneswar in association with CDAC and ISEA, which performed security auditing of government portals, conducted awareness workshops for government institutions. He was also the part of team Pied Piper who won Smart India Hackathon 2017, a national level competition organized by GoI. His area of interest includes Malware Analysis and Reverse Engineering, Cryptography, WiFi security and Web Application Security.
LinkedIn: https://www.linkedin.com/in/jeswinmathai/
Twitter: @jeswinMathai
Facebook: https://www.facebook.com/jeswinMathai
-
Nishant Sharma
- R&D Manager, Pentester Academy
Nishant Sharma is a R&D Manager at Pentester Academy and Attack Defense. He is also the Architect at Hacker Arsenal where he leads the development of multiple gadgets for WiFi pentesting such as WiMonitor, WiNX and WiMini. He also handles technical content creation and moderation for Pentester Academy TV. He has 6+ years of experience in information security field including 4+ years in WiFi security research and development. He has presented/published his work at Blackhat USA/Asia, Wireless Village, IoT village and Demo labs (DEFCON). Prior to joining Pentester Academy, he worked as a firmware developer at Mojo Networks where he contributed in developing new features for the enterprise-grade WiFi APs and maintaining the state of art WiFi Intrusion Prevention System (WIPS). He has a Master's degree in Information Security from IIIT Delhi. He has also published peer-reviewed academic research on HMAC security. His areas of interest include WiFi and IoT security, AD security, Forensics and Cryptography.
LinkedIn: https://www.linkedin.com/in/wifisecguy/
Twitter: @wifisecguy
Facebook: https://www.facebook.com/wifisecguy
Links:
Similar Presentations: