![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgA_ffMf7mQFl6ZktonlPQW0uyPhbcXpys-UCwWKp_8qA93FSBCg-jaODfbxmGSRviG9Hf3ipF6eoPOVmUcAyBAOchqkcw1DNKqjFvh5UUEIi7BRHAVYVFDzrJg7t6dpklAFZUt0xc6Jac/s200/teclado.png)
- GitHub repo: https://github.com/jesusprubio/bluebox-ng
- IRC(Freenode): #breakingVoIP
Install
GNU/Linux and Mac OS X
- Install Node.js:
- cd bluebox-ng
- chmod +x setup.sh (just in case)
- ./setup.sh
- ./bluebox.sh
Windows
- Install Node.js: http://nodejs.org/download/
- Install Gow (the lightweight alternative to Cygwin): https://github.com/bmatzelle/gow/wiki
- cd bluebox-ng
- chmod +x setup.sh (just in case)
- setup.sh
- bluebox.sh
Features
- RFC compliant
- TLS and IPv6 support
- SIP over websockets (and WSS) support (draft-ietf-sipcore-sip-websocket-08)
- SHODAN, exploitsearch.net and Google Dorks
- SIP common security tools (scan, extension/password bruteforce, etc.)
- REGISTER, OPTIONS, INVITE, MESSAGE, SUBSCRIBE, PUBLISH, OK, ACK, CANCEL, BYE and Ringing requests support
- Authentication through different types of requests
- SIP denial of service (DoS) testing
- SRV and NAPTR discovery
- Dumb fuzzing
- Common VoIP servers web management panels discovery
- Automatic exploit searching (Exploit DB, PacketStorm, Metasploit)
- Automatic vulnerability searching (CVE, OSVDB, NVD)
- Geolocation
- Colored output
- Command completion
- It runs in GNU/Linux, Mac OS X and Windows