[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Linphone-users] Login details not transmitted securely
From: |
Shadow Dragon |
Subject: |
[Linphone-users] Login details not transmitted securely |
Date: |
Fri, 18 Mar 2016 22:31:48 +0000 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.6.0 |
By running a MITM attack I was able to intercept login details as they
were not properly protected.
*note: password hash has been removed*
[192.168.0.100 > 91.121.209.194:5060] [HTTP Digest AUTH] http://
Digest: username="shadow_dragon", realm="sip.linphone.org",
nonce="3liI2gAAAACOEVNdAACwI+TVyvwAAAAA", uri="sip:sip.linphone.org",
response="*redacted*", algorithm=MD5,
cnonce="24f9e2be-e1da-4d2f-b97f-b08d6df80e9e", opaque="+GNywA==",
qop=auth, nc=00000001
- [Linphone-users] Login details not transmitted securely,
Shadow Dragon <=