Skip to content

Elegantly Sniff Forward-Secrecy TLS/SIP to HEP at the source using Frida

Notifications You must be signed in to change notification settings

sipcapture/HEPjack.js

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

32 Commits
 
 
 
 
 
 
 
 

Repository files navigation

HEPjack

Elegantly Sniff Forward secrecy TLS SIP to HEP at the source via Frida injected libssl callbacks

  ["*libssl*", ["SSL_read", "SSL_write", "SSL_get_fd", "SSL_get_session","SSL_SESSION_get_id"]]

Sounds interesting? Learn more about Frida


Status:
  • Experimental! Please test & contribute!

Requirements

  • NodeJS 10.x or higher
  • Frida
    • sudo pip install frida

Installation

npm install

Parameters

-p     pid or process to attach to
-S     HEP Server IP/hostname
-P     HEP Server port
-X     SIP X-Header extraction to correlation_id (optional)
-R     LOG Regex extraction to correlation_id (optional)

Usage

hepjack.js -p <process> -S 127.0.0.1 -P 9060

Todo

  • More than SIP
  • More than OpenSSL
  • More than Words

Made by Humans

This Open-Source project is made possible by actual Humans without corporate sponsors, angels or patreons.
If you use this software in production, please consider supporting its development with contributions or donations

Donate

(C) 2008-2021 QXIP BV