Root-me

SIP Authentication

Packet Capture Analysis

We need to find the password used to authenticate to the SIP service.

cat ch4.txt 

172.25.105.3"172.25.105.40"555"asterisk"REGISTER"sip:172.25.105.40"4787f7ce""""PLAIN"1234
172.25.105.3"172.25.105.40"555"asterisk"INVITE"sip:[email protected]"70fbfdae""""MD5"aa533f6efa2b2abac675c1ee6cbde327
172.25.105.3"172.25.105.40"555"asterisk"BYE"sip:[email protected]"70fbfdae""""MD5"0b306e9db1f819dd824acf3227b60e07

The first line contains the password in PLAIN. Password is 1234