This is a scanner that looks for SIP servers.
SIP Servers are part of your VOIP infrastructure
Technically speaking, SIPvicous is a SIP auditing tool used to scan for and enumerate SIP devices and accounts.
It can be obtained freely from it’s Google Code archive, the GIT repo or bundled with security auditing tools like Kali.
Originally intended for legitimate white hat security auditing for internal networks, in the hands of even the most bored of script kiddies it can cause some serious damage.
That lazy network admin using common username/password combos will yet again fall victim to this one.
SIPvicous will send INVITE or OPTION packets looking for responses from live hosts, then log the results to a file.
An attacker can then begin to enumerate for valid usernames and passwords which if successful, can get access.
In addition, these Invites commonly cause ghost calls (phones ring from random callers but no one’s home). Worse still, they can even initiate un-wanted calls.
SIPVicious is made up of 4 components – The head, the front legs, the hind legs, and the torso. I’m kidding of course…there’s actually 5..
svmap 192.168.1.0/24 -v INFO:ImaFly:trying to get self ip .. might take a while INFO:root:start your engines INFO:ImaFly:Looks like we received a SIP request from 192.168.1.20:5060 INFO:ImaFly ip:Looks like we received a SIP request from 192.168.1.21:5060 INFO:ImaFly:Looks like we received a SIP request from 192.168.1.22:5060