Link to this headingVoIP
Private Branch Exchange (PBX)
Link to this headingSession Initialization Protocol (SIP)
Similar to HTTP
TCP or UDP on 5060 Insecure
TCP or UDP on 5061 SSL/TLS
Internal 5060 port requires auth
External 5080 port does not require auth
Verbs:
- Register
- Invite
- ACK
- BYE
- Cancel
- Update
- Refer
- Prack
- Subscribe
- Notify
- Publish
- Message
- Info
- Options
Status Codes:
Same as HTTP
Link to this headingEnumerating Extensions
Old way:
New way:
Use Subscribe and look for changes in the Status Codes
Get the Notification information back from the server
Link to this headingFax RCE
Fax RCE in the FROM
Link to this headingFreeSwitch Event Socket Interface
port 8021
default credentials
Payload options:
$IFS
url encode
lua os.execute