Let’s try making some calls on this device and see if we can find any interesting SIP stuff going on. We can try to gather more information to see if this information might become relevant later on. It doesn’t tell us that there is a definite vulnerability within this system. This is interesting information, but doesn’t tell us much. (where X is a placeholder for 1, or 2 – primary/secondary) The XML section just locates the primary and backup service addresses of each “Service Contact” The ‘u=’ string appears to be the unique ID, and is redacted as it uses the MAC address of the device. The first POST request is for the following address: *REDACTED*&i=516375 This session will make occasional plaintext HTTP XML requests. However, we see some HTTP sessions being established as well. The first session establishes a HTTPS session, where most of the communication is encrypted using TLS v1.0 with RSA key exchange. Immediately after the first few DNS queries have been made, we see several TCP sessions being established. The most notable ones being requests for the following addresses: This can be changed in the settings, but we’ll be sticking with the defaults for now.Īfter rebooting this device, and after this device boots up completely, we can see that it goes through the DORA discovery process like any other DHCP-enabled device.Īfter this process completes, we see several DNS queries being made. This proved to be an effective monitoring solution for the time being.Īfter getting the topology set up, the next step is to start monitoring all the traffic that passes through this device.īy default, this device uses DHCP to obtain addressing information. I made use of Windows bridging feature to bridge two Ethernet ports, so traffic would pass through the computer. This proved to be a bit difficult as I did not have a dedicated network tap. The next step is to monitor the traffic that goes in and out of this device. The results of nmap scans were not conclusive, as it did not tell us much, other than the fact that this device has two ports open (500) Nmap is very confident that this device runs on Linux versions 2.6.9 – 2.6.33 With nmap, we also could attempt OS detection of this black box device. This information did not tell us much, but it did tell us what this phone supported, via the use of SIP Allow messages (INVITE, ACK, CANCEL, BYE, MESSAGE, INFO, REFER, NOTIFY) We were able to gather some SIP information from this device however. The default NMAP scan manages to find only two open ports:Īlthough there are known exploits for SIP, rudimentary testing with nmap’s SIP scripts such as sip-brute, sip-call-spoof, and sip-enum was not effective against this black-box device. Tools like nmap will be able to achieve this. The simplest way to start off analysis of a black box device is to do a port scan. In this case, the author has a Sorenson ntouch VP on hand, and this is the ‘black box’ device I will be analyzing. The devices mentioned are internet-connected “black-box” devices that enable communication between deaf people, and provides a way for deaf people to communicate with others via the use of an interpreter. Some examples include the Sorenson ntouch VP, Purple’s SmartVP, and ZVRS’ Z70. However, there are some unique, and proprietary, devices that are to be used by Deaf people. Monday through Friday 9:00 AM to 4:00 PM Eastern Standard Time.įor Deaf & Hard of Hearing Customers who already signed up for Sorenson VRS:ġ) Make sure your Sorenson VRS device and software is turned on and that the camera is facing you.Ģ) Under "Manual Dial", type in 63 and click "Dial".ģ) A staff from Hear-More will gladly accept your video call and sign to you.įor those that do not have Sorenson VRS and would like to sign up for a free NTouch VP, please do the following:ġ) Open up your browser and visit 2) Click on the "Apply for a FREE NTouch VP" menu.ģ) Click "Yes" for a connectivity test and wait a minutes.Ĥ) Once the connectivity test is passed, you will be presented with an online application.ĥ) Fill in the necessary information to get your free NTouch VP.Video Communication Devices are prevalent, and they are widely used around the world. To contact us at Hear-More using VRS, please follow instructions below. Introducing a better way to communicate with our deaf and hard of hearing customers via Videophone Service (VRS NTouch VP), a free service for the deaf and hard of hearing.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |