12:51 Videojak ??tool for spoofing voipvideo | |
Another valuable news from the hacker conference Defcon. Two experts from the group of Viper Lab have developed an interesting tool VideoJak (add to the known sniffer UCSniff) to capture video from surveillance cameras and VoIP-programs. Attack is done on a "man-in-the-middle" and allows you to completely replace the contents of the stream (poisoning). Signaling protocols supported codecs G.711u, G.722, H.263, and H.264. These programs have existed before, but now they have matured to the level of mass culture. Free set of sniffer UCSniff exists in versions for Linux and Windows and has a nice GUI. Use the program can be any school without special education. The developers have demonstrated performance of its program directly at the conference. These hacker tools provide numerous opportunities for corporate espionage, as managers of large corporations often use VoIP for important / secret talks and meetings. Interception of CCTV cameras can use the thieves who want to enter the building - now they can watch in real time, as demonstrated on the screens of the Security Service. Moreover, they can be injected into the flow and change it: for example, run the replay from a certain point, or replace the content (eg porn). To prevent such attacks need to use cryptographic streams, but in reality it is rarely used and generally turned off by default in most VoIP-programs. Via InSecurity Complex, The Register | |
|
Total comments: 0 | |