[asterisk-bugs] [JIRA] (ASTERISK-20622) SIP dial without valid register
Dirk-Michael Brosig (JIRA)
noreply at issues.asterisk.org
Tue Oct 30 02:45:18 CDT 2012
[ https://issues.asterisk.org/jira/browse/ASTERISK-20622?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=199004#comment-199004 ]
Dirk-Michael Brosig commented on ASTERISK-20622:
------------------------------------------------
The allowguest was default on yes. First: this default is very insecure. Second: that brings confusion: some options are default yes, but the commented option says no (like ;allowguest=no), for other options (and IMHO this is correct) the default value is the written value (like ;pedantic=yes, default is yes).
For demonstration there are only the CDR records like
"","100","00037168521384","default","100","SIP/85.183.0.103-0000021c","CAPI/ISDN1#02/00037168521384-4e","Dial","CAPI/contr1/20:00037168521384,,r","2012-10-29 04:48:08","2012-10-29 04:48:14","2012-10-29 04:58:03",595,589,"ANSWERED","DOCUMENTATION","1351486088.618",""
"","100","00037168521384","default","100","SIP/85.183.0.103-000002b8","CAPI/ISDN1#01/00037168521384-4f","Dial","CAPI/contr1/20:00037168521384,,r","2012-10-29 04:50:46","2012-10-29 04:50:51","2012-10-29 05:09:31",1125,1120,"ANSWERED","DOCUMENTATION","1351486246.775",""
"","100","00037168521384","default","100","SIP/85.183.0.103-0000090b","CAPI/ISDN1#01/00037168521384-51","Dial","CAPI/contr1/20:00037168521384,,r","2012-10-29 05:09:32","2012-10-29 05:09:38","2012-10-29 05:17:42",490,484,"ANSWERED","DOCUMENTATION","1351487372.2396",""
Now I have to pay some 100EUR. Now I have cleared the default context. It contains only
[default]
exten => _X.,1,system(/usr/bin/logger -i Asterisk -p auth.warn try a call '${CALLERID(all)}')
exten => _X.,2,Hangup
There is no user.conf. The comment-free sip.conf (allowguest is now set to no):
[general]
context=default ; Default context for incoming calls
allowguest=no ; Allow or reject guest calls (default is yes)
allowoverlap=no ; Disable overlap dialing support. (Default is yes)
udpbindaddr=0.0.0.0 ; IP address to bind UDP listen socket to (0.0.0.0 binds to all)
tcpenable=no ; Enable server for incoming TCP connections (default is no)
tcpbindaddr=0.0.0.0 ; IP address for TCP server to bind to (0.0.0.0 binds to all interfaces)
transport=udp ; Set the default transports. The order determines the primary default
srvlookup=yes ; Enable DNS SRV lookups on outbound calls
language=de ; Default language setting for all users/peers
videosupport=yes ; Turn on support for SIP video. You need to turn this
authfailureevents=no ; generate manager "peerstatus" events when peer can't
alwaysauthreject = yes ; When an incoming INVITE or REGISTER is to be rejected,
auth_options_requests = yes ; Enabling this option will authenticate OPTIONS requests just like
allowsubscribe=no ; Disable support for subscriptions. (Default is yes)
localnet=192.168.1.0/255.255.255.0
externaddr = 85.183.0.103
nat=no
[authentication]
[basic-options](!) ; a template
[natted-phone](!,basic-options) ; another template inheriting basic-options
[public-phone](!,basic-options) ; another template inheriting basic-options
[my-codecs](!) ; a template for my preferred codecs
[ulaw-phone](!) ; and another one for ulaw-only
[dmb]
type=friend
context=extern
host=dynamic
dtmfmode=rfc2833
defaultuser=dmb
mailbox=micha@dmbsrv.dmbhome.local
canreinvite=no
mailbox=1000@default
[fbn]
type=friend
context=extern
host=dynamic
dtmfmode=rfc2833
defaultuser=fbn
canreinvite=no
[vox]
type=friend
context=extern
host=dynamic
dtmfmode=rfc2833
defaultuser=vox
canreinvite=no
disallow=all
allow=alaw
[fraenzi]
type=friend
context=gaeste
host=dynamic
dtmfmode=rfc2833
defaultuser=fraenzi
canreinvite=no
[mutti]
type=friend
context=gaeste
host=dynamic
dtmfmode=rfc2833
defaultuser=mutti
canreinvite=no
Best regards Micha
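A defender-side check for this kind of abuse, added here as an example and not part of the bug report: it parses Master.csv records in the layout quoted above and flags Dial() calls whose SIP channel matched none of the peers configured in the sip.conf above (the IP-literal channel names). The first sample record is copied from the comment; the other two are constructed.

```python
import csv
import io
import re
from collections import defaultdict

# Column order of Asterisk's cdr-csv Master.csv, the layout of the records
# quoted in the comment above.
CDR_FIELDS = ("accountcode", "src", "dst", "dcontext", "clid", "channel",
              "dstchannel", "lastapp", "lastdata", "start", "answer", "end",
              "duration", "billsec", "disposition", "amaflags", "uniqueid",
              "userfield")

# chan_sip names an inbound channel "SIP/<name>-<hex>". For a call that
# matched a configured peer, <name> is the peer's section name from sip.conf;
# the records above carry an IP literal there instead, which is what a call
# accepted through allowguest=yes looks like.
CHANNEL_RE = re.compile(r"^SIP/(?P<name>.+)-[0-9a-f]{8}$")

# Peer section names taken from the sip.conf quoted above.
KNOWN_PEERS = {"dmb", "fbn", "vox", "fraenzi", "mutti"}

# Sample input: record 1 is from the comment, records 2 and 3 are constructed.
SAMPLE_CDR = '''\
"","100","00037168521384","default","100","SIP/85.183.0.103-0000021c","CAPI/ISDN1#02/00037168521384-4e","Dial","CAPI/contr1/20:00037168521384,,r","2012-10-29 04:48:08","2012-10-29 04:48:14","2012-10-29 04:58:03",595,589,"ANSWERED","DOCUMENTATION","1351486088.618",""
"","dmb","1000","extern","dmb","SIP/dmb-0000021d","","VoiceMailMain","1000@default","2012-10-29 09:00:00","2012-10-29 09:00:01","2012-10-29 09:00:31",31,30,"ANSWERED","DOCUMENTATION","1351501200.619",""
"","100","00037168521384","default","100","SIP/85.183.0.103-0000090b","CAPI/ISDN1#01/00037168521384-51","Dial","CAPI/contr1/20:00037168521384,,r","2012-10-29 05:09:32","2012-10-29 05:09:38","2012-10-29 05:17:42",490,484,"ANSWERED","DOCUMENTATION","1351487372.2396",""
'''


def parse_cdr(text):
    """Parse Master.csv text into one dict per record."""
    rows = csv.reader(io.StringIO(text.strip()))
    return [dict(zip(CDR_FIELDS, row)) for row in rows if row]


def find_guest_dials(records, known_peers=KNOWN_PEERS):
    """Return records where a SIP channel that matched no configured peer ran Dial()."""
    hits = []
    for rec in records:
        m = CHANNEL_RE.match(rec["channel"])
        if m is None or m.group("name") in known_peers:
            continue  # authenticated peer, or not a SIP channel at all
        if rec["lastapp"] == "Dial":
            hits.append(rec)
    return hits


def billsec_by_destination(records):
    """Total billed seconds per dialled number, to size the damage."""
    totals = defaultdict(int)
    for rec in records:
        totals[rec["dst"]] += int(rec["billsec"])
    return dict(totals)


if __name__ == "__main__":
    guest = find_guest_dials(parse_cdr(SAMPLE_CDR))
    for rec in guest:
        print(rec["channel"], rec["dcontext"], rec["dst"], rec["billsec"])
    print(billsec_by_destination(guest))
```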
> SIP dial without valid register
> -------------------------------
>
> Key: ASTERISK-20622
> URL: https://issues.asterisk.org/jira/browse/ASTERISK-20622
> Project: Asterisk
> Issue Type: Bug
> Security Level: None
> Components: Channels/chan_sip/General
> Affects Versions: 1.8.11.1
> Environment: openSUSE 12.1 32bit
> Linux dmbsrv 3.1.10-1.16-pae #1 SMP Wed Jun 27 05:21:40 UTC 2012 (d016078) i686 athlon i386 GNU/Linux
> Reporter: Dirk-Michael Brosig
> Assignee: Dirk-Michael Brosig
> Severity: Critical
>
> an attacker can make a dial in default context without valid authentication