The Art of SIP Fuzzing vulnerabilities in VoIP

Example PDUs from our Blackhat talk.

BlackHat Briefings USA 2005 - The Art of SIP Fuzzing and vulnerabilities found in VoIP.

Example test cases for applying different types of anomalies to SIP
messages. Use at your own risk. In many ways these messages are
similar to those presented in the SIP torture tests draft. These test
cases are released into the public domain.

For the test cases to be usable beyond serving as examples, it is
expected that e.g. the request line, From, To, Via, Contact and
optionally the SDP portion are modified according to your setup.

Test cases are as follows:
----------------------------------------------------------------------------
0000.txt - SIP specific token anomaly ‘;’ applied to SIP request line
0001.txt - SIP header parameter underflow in Contact header
0002.txt - Integer anomaly in CSeq header
0003.txt - Integer anomaly in CSeq header
0004.txt - Integer anomaly in CSeq header
0005.txt - ASCII overflow in CSeq header
0006.txt - C-style format string in CSeq header
0007.txt - Control characters (bell / 0x07) in CSeq header
0008.txt - ANSI Control characters in CSeq header
0009.txt - UTF8 overflow in CSeq header
0010.txt - Basic value repetition in CSeq header
0011.txt - Basic CSeq Header repetition in OPTIONS message
0012.txt - C-style format string in Date header with SIP line continuation
0013.txt - Unexpected scheme in SIP URI in Route header
0014.txt - Underflow of SIP message
0015.txt - Unexpected request method in what looks like an INVITE message
0016.txt - Unexpected short header (m:)
0017.txt - Repetition of ‘@’ inside a SIP URI in Contact header
0018.txt - ANSI Control characters inside SIP URI in Contact header
0019.txt - Invalid port value in hostport component of the Contact header's SIP URI
0020.txt - Repetition of ‘>’ after a SIP URI
0021.txt - Repetition of values in Require header
0022.txt - URI escape in user component of SIP request line
0023.txt - Overflow inside BASE64 encoding in Authorization header

----------------------------------------------------------------------------