Re: [OpenSER-Users] my small security breach REGISTER

Thu, 06 Sep 2007 05:09:34 -0700 

This is an old problem - often called registration hijacking.
After authentication, use check_to() for REGISTER and check_from() for all other SIP requests. 

regards
klaus

Marc LEURENT schrieb:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I have a security matter with my configuration (default one), it's possible to 
register using login/password and to set anything in the contact field.
So if you have an account 106/password, it's possible to be 105 in the location 
database!

How is it possible to deny that kind of matter..? Thanks

Is it useful to use: method_filtering of the REGISTRAR module
Or is it better to so something whith the values below and a compare function??
$ct - reference to body of contact header
$ar - realm from Authorization or Proxy-Authorization header
$au - username from Authorization or Proxy-Authorization header

if ($ct != [EMAIL PROTECTED]) {
        sl_send_reply("403", "User and login must be the same");
};

Best Regards,

Marc LEURENT


#
U 82.127.0.79:1045 -> 88.191.45.91:5060
REGISTER sip:sd-7501.dedibox.fr;user=phone SIP/2.0.
Via: SIP/2.0/UDP 82.127.0.79:1046;branch=z9hG4bK5808036470869310420.
From: <sip:[EMAIL PROTECTED]:5060;user=phone>;tag=c0a80101-38c0e7.
To: <sip:[EMAIL PROTECTED]:5060;user=phone>.
Call-ID: [EMAIL PROTECTED]
CSeq: 90 REGISTER.
Max-Forwards: 70.
Expires: 3600.
Contact: <sip:[EMAIL PROTECTED]:1046;user=phone>.
Authorization: Digest username="106", realm="sd-7501.dedibox.fr", 
nonce="46dfceb402cad04812873b855bc50ea65aa99ed5", uri="sip:sd-7501.dedibox.fr",
response="7dca83fd358a9aea3a963f4a71ea5c9e", algorithm=MD5, qop=auth, 
cnonce="38c102", nc=00000001.
User-Agent: THOMSON ST2030 hw0 fw1.56 00-0E-50-4E-AF-C4.
Allow-Events: refer,dialog,message-summary,check-sync,talk,hold.
Content-Length: 0.
.


        AOR:: 105
                Contact:: sip:[EMAIL PROTECTED]:1046;user=phone Q=
                        Expires:: 194
                        Callid:: [EMAIL PROTECTED]
                        Cseq:: 92
                        User-agent:: THOMSON ST2030 hw0 fw1.56 00-0E-50-4E-AF-C4
                        Received:: sip:82.127.0.79:1045
                        State:: CS_SYNC
                        Flags:: 0
                        Cflag:: 192
                        Socket:: udp:88.191.45.91:5060
                        Methods:: 4294967295

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFG39AIqjpLE0HiOBYRAiUKAJ9Ilv+Zpbzw89tqWgwmHyVjU/DXugCgjEh8
5XQKEAeiF/L4RWszGC2/yzQ=
=SXE9
-----END PGP SIGNATURE-----

_______________________________________________
Users mailing list
Users@openser.org
http://openser.org/cgi-bin/mailman/listinfo/users


_______________________________________________
Users mailing list
Users@openser.org
http://openser.org/cgi-bin/mailman/listinfo/users

Reply via email to