Tags › asterisk
New White Paper: DTLS “ClientHello” Race Conditions in WebRTC Implementations
Published on Oct 15, 2024 in denial of service, freeswitch, webrtc security, asterisk
We’re excited to announce the release of our latest white paper, “DTLS ‘ClientHello’ Race Conditions in WebRTC Implementations”. This comprehensive study delves into a critical vulnerability affecting various WebRTC implementations, with potential implications for real-time communication security. Our research team at Enable Security conducted extensive testing on both open-source and proprietary WebRTC implementations, focusing on media servers and popular communication platforms. The study aimed to identify vulnerabilities related to the processing of DTLS ClientHello messages in WebRTC sessions.…
A Novel DoS Vulnerability affecting WebRTC Media Servers
Published on Jun 25, 2024 in denial of service, freeswitch, webrtc security, asterisk
Executive summary (TL;DR) A critical denial-of-service (DoS) vulnerability has been identified in media servers that process WebRTC’s DTLS-SRTP, specifically in their handling of ClientHello messages. This vulnerability arises from a race condition between ICE and DTLS traffic and can be exploited to disrupt media sessions, compromising the availability of real-time communication services. Mitigations include filtering packets based on ICE-validated IP and port combinations. The article also indicates safe testing methods and strategies for detecting the attack.…
Exploiting CVE-2022-0778, a bug in OpenSSL vis-à-vis WebRTC platforms
Published on Apr 8, 2022 in denial of service, demo server, freeswitch, asterisk, webrtc security, kamailio, sipvicious pro
Executive summary (TL;DR) Exploiting CVE-2022-0778 in a WebRTC context requires that you get a few things right first. But once that is sorted, DoS (in RTC) is the new RCE! How I got social engineered into looking at CVE-2022-0778 A few days ago, Philipp Hancke, self-proclaimed purveyor of the dark side of WebRTC, messaged me privately with a very simple question: “are you offering a DTLS scanner by chance?” He explained how in the context of WebRTC it would be a bit difficult since you need to get signaling right, ICE (that dance with STUN and other funny things) and finally, you get to do your DTLS scans.…
If SIPVicious gives you a ring…
Published on Dec 10, 2012 in asterisk, cyber crime, sip security, sipvicious oss, security tools
Note: SIPVicious version 0.28 is out, go get it. I like to keep an eye on the social media and Google alerts for SIPVicious and in the last few months I noticed a rise in mentions of the tools. Specifically, a number of Korean twitter users (who have their service with KT, a VoIP service provider) complaining about receiving a call from a caller-id showing ‘SIPVicious’. After contacting a Korean friend, this led to an interview by a reporter for an article that was published on a Korean tech news site Boan News.…