[asterisk-users] Hacking
John Kiniston
johnkiniston at gmail.com
Mon Jun 17 13:33:24 CDT 2019
On Sun, Jun 16, 2019 at 3:37 PM John T. Bittner <john at xaccel.net> wrote:
> Anyone know how someone can hack an asterisk box and register with every
> single account on the box.
>
> This box only has 3 accounts, with very complex passwords. Have VoIP
> blacklist setup and fail2ban…
>
I've seen this happen when web-based provisioning is used, I have seen
attempts to download configuration files off of my provisioning server
increase in frequency over the last two years.
The 'Hacker' will do a get on /polycom /cisco /yealink /aastra /mitel etc,
If they get a valid response they will start enumerating mac addresses
/polycom/0004F2018101.cfg
/polycom/0004F2018102.cfg
...
/polycom/0004F2018109.cfg
Then they will use any credentials gained in the download attack to place
calls, registering as needed.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20190617/766ca4c2/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 4300 bytes
Desc: not available
URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20190617/766ca4c2/attachment.png>
More information about the asterisk-users
mailing list