Exploit for Asterisk Security Advisory AST-2011-013

A Metasploit module is attached that demonstrates how to enumerate Asterisk sip peers that have a nat setting different to the global sip nat setting as described in Asterisk Security Advisory AST-2011-013. The example below finds all peers with nat=yes, but the metasploit module will also work...

SIP Username Enumerator For Asterisk

require 'msf/core' class Metasploit3 'SIP Username Enumerator for Asterisk UDP Security Advisory AST-2011-013, CVE-2011-4597', 'Version' = '$Revision: 1 $', 'Description' = 'REGISTER scan for numeric peer usernames having a nat setting different to global sip nat setting. ' 'Ben Williams',...