[asterisk-dev] Dialplan oddities with recent Asterisk ?
Hans Petter Selasky
hselasky at c2i.net
Tue Feb 9 02:31:51 CST 2010
Hi,
I'm just asking if it is possible to insert commands into the dialplan of
Asterisk? For example:
extensions.conf:
[from_sip]
exten => _X.,1,Dial(SIP/${EXTEN}@testsip)
And if ${EXTEN} = "000@testsip&SIP/333", what turns out to happen then is
similar to SQL injection :-(
I've noticed that incoming phone numbers in chan_sip.c are only strdup'ed.
Many years ago I wrote in my ISDN4BSD software that people who don't filter
incoming digits should not program PBX software :-) Does Asterisk have any
filtering of the destination extension by default?
I was not able to reproduce the issue on a vanilla Asterisk, because I found
it hard to send the "&" character in the destination number: it was
always interpreted by the Dial command. But by modifying chan_sip.c to send
this character, I was able to do some strange things :-(
Any comments?
--HPS
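The mechanism described in the message above, as an added example that is not part of the original post or of Asterisk's own code: a minimal Python model of how Dial() expands its first argument from the dialplan line `Dial(SIP/${EXTEN}@testsip)` and splits it on "&" into several channels to ring at once (that separator is documented Dial() syntax; the rest of the model, the template string, the `testsip` peer and the digit-only check, is an assumption made for illustration). It shows the injected ${EXTEN} producing a second dial target, and a validation step that rejects it.

```python
# Added example: simplified model of Dial() argument expansion in Asterisk.
# Not Asterisk's code; only the '&' channel separator mirrors the real Dial()
# syntax. The template and the peer name "testsip" come from the dialplan
# line quoted in the post.
import re
from typing import List, Optional

DIAL_TEMPLATE = "SIP/{exten}@testsip"  # Dial(SIP/${EXTEN}@testsip) from the post
DIGITS_ONLY = re.compile(r"[0-9]+")


def dial_targets(exten: str) -> List[str]:
    """Expand the Dial() argument with the given ${EXTEN} and split it on '&'
    the way Dial() separates multiple channels to ring in parallel."""
    arg = DIAL_TEMPLATE.format(exten=exten)
    return arg.split("&")


def is_safe_exten(exten: str) -> bool:
    """Accept only a plain, non-empty string of digits as the destination.
    Anything else ('@', '&', '/', letters) is treated as an injection attempt."""
    return DIGITS_ONLY.fullmatch(exten) is not None


def safe_dial_targets(exten: str) -> Optional[List[str]]:
    """Return the dial targets only when the extension passes the digit filter,
    otherwise None (a real dialplan would Hangup() or play an error here)."""
    if not is_safe_exten(exten):
        return None
    return dial_targets(exten)


if __name__ == "__main__":
    # Constructed sample inputs: a benign number, and the hostile value from the
    # post with the archive's " at " obfuscation restored to '@'.
    samples = ["1234", "000@testsip&SIP/333"]
    for e in samples:
        # Unfiltered: the hostile value yields two channels, SIP/000@testsip and
        # SIP/333@testsip (the template's trailing "@testsip" sticks to the
        # injected leg), so the caller gets to ring an extra endpoint.
        print(repr(e), "->", dial_targets(e), "| filtered:", safe_dial_targets(e))
```

In the dialplan itself the same check can be written with the FILTER() function, for example comparing `${FILTER(0-9,${EXTEN})}` against `${EXTEN}` in a GotoIf() before the Dial() line, so that any extension containing characters outside 0-9 never reaches Dial().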