50 min
Ejovi Nuwere: The Art of SIP fuzzing and Vulnerabilities Found in VoIP (English) Black Hat Briefings, Japan 2005 [Audio] Presentations from the security conference
-
- Technology
"This presentation will cover SIP and VoIP related automated fuzzing techniques. Using real world vulnerabilities and audit engagements we will give a technical understanding of this emerging technology and its common attack vectors.
The techniques discussed in this talk will not only be limited to SIP but will apply to methodical audit approaches for fuzzing text based protocols which can be more complex then fuzzing binary protocols.
This talk will include:
* 0 day vulnerabilities (or one day)
* Example fuzzing scripts
* Proof of concept code
Ejovi Nuwere is the founder of SecurityLab Technologies. Nuwere gained media attention and international recognition for his highly publicized security audit of Japan's National ID system--JukiNet. Nuwere is the Chief Technology Officer of SecurityLab Technologies where he heads the companies VoIP security auditing group. He currently lives in Boston and is working on his second book, Practical Penetration Testing (O'Reilly)."
"This presentation will cover SIP and VoIP related automated fuzzing techniques. Using real world vulnerabilities and audit engagements we will give a technical understanding of this emerging technology and its common attack vectors.
The techniques discussed in this talk will not only be limited to SIP but will apply to methodical audit approaches for fuzzing text based protocols which can be more complex then fuzzing binary protocols.
This talk will include:
* 0 day vulnerabilities (or one day)
* Example fuzzing scripts
* Proof of concept code
Ejovi Nuwere is the founder of SecurityLab Technologies. Nuwere gained media attention and international recognition for his highly publicized security audit of Japan's National ID system--JukiNet. Nuwere is the Chief Technology Officer of SecurityLab Technologies where he heads the companies VoIP security auditing group. He currently lives in Boston and is working on his second book, Practical Penetration Testing (O'Reilly)."
50 min