Results 1 to 6 of 6

Thread: voipong issue?

  1. #1
    Just burned his ISO
    Join Date
    Aug 2010
    Posts
    3

    Default voipong issue?

    Hello,

    After configuring for the linux version of voipong and correctly creating several configuration files (namely voipong.conf and voipongnets) voipong runs and detects VoIP calls. However, when it tries to write out a wave file the program crashes... I believe I have traced it back to the fact that the program calls both sox and soxmix to write out the audio file. In recent versions of sox, soxmix has been deprecated and is incorporated into sox. In BT4 I have noticed that standalone soxmix does not exist, but voipong is not configured to use the new all-built-into-sox method.

    I am not 100% sure that this is whats going on, but I have fairly good reason to believe it is...

    anyone else having issues and/or verify this?

  2. #2
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default Re: voipong issue?

    Could you please pastebin the voipong.conf file, and re-run the command you used but add the following
    #voipong -d4 -f XXXX
    -d4 verbosity -f to stay at the terminal XXXX your other flags options etc.
    Then maybe we can help out.
    To be successful here you should read all of the following.
    ForumRules
    ForumFAQ
    If you are new to Back|Track
    Back|Track Wiki
    Failure to do so will probably get your threads deleted or worse.

  3. #3
    Just burned his ISO
    Join Date
    Aug 2010
    Posts
    3

    Default Re: voipong issue?

    Here is voipong.conf

    http://pastebin.com/embed_js.php?i=r8SHkinf


    voipongnets simply has two static IP addresses with static ports (just like the last example in the documentation). For example:

    172.16.1.101/255.255.255.255 fixed 40000
    172.16.1.102/255.255.255.255 fixed 40000


    You will notice in voipong.conf that the sox path must be set to /usr/bin/sox because thats where its located on BT4. However, I have no idea what the path for soxmix should be... in fact, this is what lead me to believe that soxmix might not be on BT4 but instead BT4 uses the later version of sox that pulls soxmix as a commandline arg.

    I run voipong exactly as you describe, and I receive:
    http://pastebin.com/embed_js.php?i=fnguLwdB

    .... then it correctly finds the RTP stream of a call and begins to create a wav file (I'm sorry, I do not have an example of this interaction... the setup I was testing is no longer available). Then it crashes noting signal 11.

    Again, my best guess is soxmix... I looked in the code and it does call it... I see soxmix no where on BT4. I could be wrong, thats why I thought I would post. Thanks for your help.
    Last edited by Archangel-Amael; 08-12-2010 at 08:48 AM. Reason: Removed scritpt tags.

  4. #4
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default Re: voipong issue?

    Ok well apparently soxmix did indeed get merged into sox version 13.
    It looks like we have two choices right now. Either give sox -m in your above config file, and see if it works.
    The -m is simply soxmix. Of course it may need to be changed in the code where soxmix gets called as well.
    Or you can downgrade to sox version 12. This was the version we had in BT3. Since I can't test really test voip tools right now, I can't do this myself. I will also try and get someone else to test this, if I can.
    The best option will of course be to stick with the current sox version if possible.
    To be successful here you should read all of the following.
    ForumRules
    ForumFAQ
    If you are new to Back|Track
    Back|Track Wiki
    Failure to do so will probably get your threads deleted or worse.

  5. #5
    Moderator S3M73X's Avatar
    Join Date
    Feb 2010
    Posts
    103

    Default Re: voipong issue?

    Fixed: yes
    Tested and verified Tool is doing its job: yes
    BackTrack-Version tested on: BackTrack 4 Final (well this should work on R1 too )


    Archangel called me in for testing this stuff.
    So now i am done at least i have a "workaround".

    The Problem is that voipong is only encoding half-duplex means only one .raw-file is encoded into .wav so i can hear only one direction of the phone-call (blame the authors of the software). I tested that with "sox -m" as replacement for the soxmix and also installed an "old" version v12.8.blafoo < v13.0.0 which still has soxmix in it (but that should not have been the issue, eh?).

    my voipong.conf
    [GENERAL]
    logdir = /var/log
    logfile = voipong.log
    cdrfile = /var/log/voipcdr.log
    networksfile = /pentest/voip/voipong/etc/voipongnets
    pidfile = /var/run/voipong.pid
    mgmt_ipcpath = /tmp/voipongmgmt.sock
    soxpath = /usr/bin/sox
    soxmixpath = "/usr/bin/sox -m"
    modpath = /pentest/voip/voipong
    mixwaves = 0
    defalg = lfp
    rtp_idle_time = 10
    #device = fxp0
    device = eth0
    promisc = 1
    snaplen = 1500
    readtmt = 500
    outdir = output

    [FILTERS]
    startup = "udp"
    my voipongnets
    192.168.178.0/255.255.255.0 lfp
    So now the workaround.

    1. Start Voipong-Server
    root@bt voipong> ./voipong -d4 -f -c ./etc/voipong.conf
    EnderUNIX VOIPONG Voice Over IP Sniffer starting...
    Release 2.0, running on bt [Linux 2.6.30.9 #1 SMP Tue Dec 1 21:51:08 EST 2009 i686]

    (c) Murat Balaban http://www.enderunix.org/
    12/08/10 18:32:24: EnderUNIX VOIPONG Voice Over IP Sniffer starting...
    12/08/10 18:32:24: Release 2.0 running on bt [Linux 2.6.30.9 #1 SMP Tue Dec 1 21:51:08 EST 2009 i686]. (c) Murat Balaban http://www.enderunix.org/ [pid: 8347]
    12/08/10 18:32:24: Default matching algorithm: lfp
    12/08/10 18:32:24: loadmodule: dlopen(/pentest/voip/voipong/modvocoder_pcma.c): /pentest/voip/voipong/modvocoder_pcma.c: invalid ELF header
    12/08/10 18:32:24: loadmodule: dlopen(/pentest/voip/voipong/modvocoder_pcmu.o): /pentest/voip/voipong/modvocoder_pcmu.o: only ET_DYN and ET_EXEC can be loaded
    12/08/10 18:32:24: loadmodule: dlopen(/pentest/voip/voipong/modvocoder_pcma.o): /pentest/voip/voipong/modvocoder_pcma.o: only ET_DYN and ET_EXEC can be loaded
    12/08/10 18:32:24: loadmodule: /pentest/voip/voipong/modvocoder_pcmu.so (@0xb7f17243)
    12/08/10 18:32:24: loadmodule: /pentest/voip/voipong/modvocoder_pcma.so (@0xb7f1426a)
    12/08/10 18:32:24: loadmodule: dlopen(/pentest/voip/voipong/modvocoder_pcmu.c): /pentest/voip/voipong/modvocoder_pcmu.c: invalid ELF header
    12/08/10 18:32:24: loaded 2 module(s)
    12/08/10 18:32:24: loadnet(192.168.178.0/255.255.255.0) method: lfp
    12/08/10 18:32:24: eth0 has been opened in promisc mode. (192.168.178.0/255.255.255.0)
    12/08/10 18:32:27: New management console request has been accepted!
    12/08/10 18:32:44: mgmt_console: set mixflag to 0
    12/08/10 18:33:01: [8351] VoIP call has been detected.
    12/08/10 18:33:01: [8351] 87.234.1.138:19320 <--> 192.168.178.23:30000
    12/08/10 18:33:01: [8351] Encoding 8-PCMA-8KHz, recording.......
    12/08/10 18:33:01: created a call recorder instance!
    12/08/10 18:33:23: [8351] maximum idle time [10 secs] has been elapsed for this call, the call might have been ended.
    12/08/10 18:33:23: [8351] .WAV file output/20100812/session-enc8-PCMA-8KHz-87.234.1.138,19320-192.168.178.23,30000.wav has been created successfully
    12/08/10 18:33:23: [8351] .WAV file output/20100812/session-enc8-PCMA-8KHz-192.168.178.23,30000-87.234.1.138,19320.wav has been created successfully
    12/08/10 18:33:23: child [pid: 8351] terminated normally [exit code: 0]
    2. Start the voipong-Client and setmixflag 0 [you have to do this explicit again in the client because for some reason (crappy code eh? ^^ or maybe just me being to silly to use that tool correctly ) because you will only get one .wav-outputfile with one-direction of the call. if you setmixflag to 0 you will get 2 .wav-files one with each direction of the call]
    root@bt voipong> ./voipctl -c ./etc/voipong.conf



    Connected to VoIPong Management Console

    System:
    bt [Linux 2.6.30.9 #1 SMP Tue Dec 1 21:51:08 EST 2009 i686]


    voipong> help
    Commands:
    help : this one
    quit : quit management console
    uptime : Server uptime
    logrotate : rotate server's logs
    setdebug [level] : set debug level to [level]
    setmixflag [flag] : set mix voice flag to true or false [e.g: 1 for true, 0 for false]
    shutdown : shutdown server
    rusage : CPU usage statistics for the server
    loadnets : Reload voipongnets file
    info : General server information
    shcall : Show currently monitored calls
    shrtcp : Show currently RTCP cache
    killcall [id] : end monitoring session with [id]
    voipong> setmixflag 0
    # set mixflag to 0

    voipong> shcall



    ID NODE1 PORT1 NODE2 PORT2 STIME DURATION
    ----- ---------------- ----- ---------------- ----- ----------------- ------------

    Total listed: 0
    voipong> !!



    ID NODE1 PORT1 NODE2 PORT2 STIME DURATION
    ----- ---------------- ----- ---------------- ----- ----------------- ------------
    08351 87.234.1.138 19320 192.168.178.23 30000 12/08/10 18:33:01 2 seconds

    Total listed: 1
    voipong>
    3. go into the outputfolder and use "sox -m" to concatenate/merge the two outputfiles into one which you then can listen too (this can be scripted/cronjobbed/whatever)
    total 364K
    drwx------ 2 root root 4.0K Aug 12 18:33 .
    drwx------ 3 root root 4.0K Aug 12 17:56 ..
    -rw------- 1 root root 170K Aug 12 18:33 session-enc8-PCMA-8KHz-192.168.178.23,30000-87.234.1.138,19320.wav
    -rw------- 1 root root 176K Aug 12 18:33 session-enc8-PCMA-8KHz-87.234.1.138,19320-192.168.178.23,30000.wav
    root@bt 20100812> pwd
    /pentest/voip/voipong/output/20100812
    root@bt 20100812> sox -m session-enc8-PCMA-8KHz-192.168.178.23,30000-87.234.1.138,19320.wav session-enc8-PCMA-8KHz-87.234.1.138,19320-192.168.178.23,30000.wav -o voipongSucks.wav
    root@bt 20100812> play voipongSucks.wav

    Input File : 'voipongSucks.wav'
    Sample Size : 16-bit (2 bytes)
    Sample Encoding: signed (2's complement)
    Channels : 1
    Sample Rate : 8000

    Time: 00:11.22 [00:00.00] of 00:11.22 (100% ) Samples out: 538k Clips: 0
    Done.
    root@bt 20100812>
    Hope that fixes your "issue"... hf!

    Lets hope the next versions of Voipong fix this "issue"... maybe somebody of you finds time to make a bug-report since i am to lazy/dont have the time to to surf around their code and submit this since i swear on wireshark for voip-sniffing! :P
    Last edited by S3M73X; 08-12-2010 at 04:46 PM.

  6. #6
    Just burned his ISO
    Join Date
    Aug 2010
    Posts
    3

    Default Re: voipong issue?

    Thanks guys, I will eventually try out your suggestions... looks good


    Wireshark is certainly great for VoIP sniffing, however it does some things I don't like. One example is it ignores comfort noise RTP packets in playback and audio file dumps... which normally is great. But sometimes I don't want that, which is actually the original reason I was looking at voipong.

Similar Threads

  1. Can't use Voipong in bt4 final
    By Keyman in forum Beginners Forum
    Replies: 3
    Last Post: 02-19-2010, 02:30 AM
  2. VoIPong invalid ELF header error
    By SVG_Torpor in forum OLD BackTrack 4 Software Related Issues
    Replies: 0
    Last Post: 01-26-2010, 05:22 AM
  3. /etc/issue.net
    By KMDave in forum OLD BT4beta Bugs and Fixes
    Replies: 0
    Last Post: 02-16-2009, 12:44 AM
  4. Airodump-ng Issue + Aireplay-ng Issue
    By whiteice in forum OLD Newbie Area
    Replies: 1
    Last Post: 11-05-2008, 05:47 AM
  5. Tor issue
    By Eron_the_Relentless in forum OLD Newbie Area
    Replies: 5
    Last Post: 07-26-2007, 05:39 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •