Related Security Tools

• VideoSnarf

Authors

• Sipera VIPER Lab
• Abhijeet Hatekar
• Arjun Sambamoorthy
• Jason Ostrom

Readme

VideoJak features

• VLAN Discovery (CDP) and VLAN Hop
• Call pattern tracking for SIP and SCCP signaling protocols
• Audio codec (G.711u, G.722) and Video codec (H.263, H.264) support
• Creates custom payload from H.263/H.264 packet capture
• Mitm functions and host management
• Allows user to select ongoing video call from a menu
• Allows user to select a targeted IP Phone or camera for DoS within the video session
• Enables the user to send the attack during an active, ongoing video call
• IP Video Replay attack (New)
• Media Blackhole attack (New)

New Tool: VideoSnarf

VideoSnarf is a new tool first released with VideoJak 2.0, presented for the first time at DefCon 17.

This tool takes an offline pcap as input and outputs all detected media streams, including first of its kind support for decoding H.264 RTP Video streams. This tool is good for pentesters that want to use other tools like tshark/wireshark and ettercap to capture VoIP/Video traffic but want to decode these streams. VideoSnarf supports G711ulaw, G722, G729, G723, and G726 codecs.

See the VideoSnarf page for more details here.

Known bugs

WARNING: When running VideoJak 2.0 on Ubuntu 9.10, VideoJak crashes (causing a network DoS) when running against Cisco 7985 IP Phones when you select an *.avi file for the attack. Using an H.264 video file will not crash VideoJak. Using an *.avi file with VideoJak 2.0 on Ubuntu 9.04 will not crash the tool. It is highly recommended to not use *.avi files for input when using VideoJak 2.0 on Ubuntu 9.10.

To recover from the DoS attack, run videojak again and press 'q' to exit gracefully without launching any of the attacks.