Results 1 to 1 of 1

Thread: videosnarf - detected media streams (RTP sessions), audio codecs and H264 Video

  1. #1
    Moderator firebits's Avatar
    Join Date
    Mar 2010
    Location
    Brazil
    Posts
    353

    Lightbulb videosnarf - detected media streams (RTP sessions), audio codecs and H264 Video

    videosnarf - detected media streams (RTP sessions), audio codecs and H264 Video

    I have a idea.

    Why not, a new menu "Video Over IP" after "Voip Over IP" and a link to VideoSnarf?
    We need some tools pentest for Video Over IP, correct?

    What is Videosnarf

    VideoSnarf is a new security assessment tool that takes an offline pcap as input, and outputs any detected media streams (RTP sessions), including common audio codecs as well as H264 Video support.


    Why did we write VideoSnarf?

    To give security assessment professionals options to decode media traffic other than forcing them to use tools like videojak/ucsniff. We know that some people, for whatever reason, might not be using UCSniff to capture and decode VoIP/Video traffic. For example, some people might want to use Ettercap and their favorite Sniffer (tshark/Wireshark) to capture the traffic, or they might have a monitor SPAN Session and are running a dedicated sniffer and want to re-construct the traffic just using a pcap trace file.
    VideoSnarf was inspired by the rtpbreak tool. To our knowledge, it is the first tool to detect RTP sessions that are encoded with the H.264 Video Codec, and output raw H264 files.
    VideoSnarf also supports the following common audio codecs: G711ulaw, G711alaw, G722, G729, G723, and G726. These are the most common audio codecs found in enterprise networks where you are going to be doing security assessments. We don't spend too much time developing codec support for other types of environments.


    Install Videosnarf


    There are three install options for getting VideoSnarf: 1) VAST: Run the VAST Live DVD, which already has VideSnarf installed. See here.
    2) Debian Package: Download the videosnarf debian package and install it using dpkg -i videosnarf-xxx.deb
    3) Source Install: Download the source tarball from Download section of videojak and issue following commands.

    Make sure the install system has libpcap installed (Videosnarf needs libpcap to run).


    • bughira@vipervast# ./configure
    • bughira@vipervast# make
    • bughira@vipervast# make install



    Videosnarf usage

    Videosnarf is very simple to use. Just provide the captured pcap file as input and wait for the results.

    • bughira@vipervast# videosnarf -i filename.pcap

    The above command will create h264 files and other audio codec files using the extracted payload from the pcap file. In the source tarball, we have included several sample pcap files to play with in a directory called "pcap."
    For playing the H264 files, use mplayer: mplayer file.h264 -fps values.


    known bugs

    There is one small, known bug in VideoSnarf. If you capture traffic that has an 802.1q VLAN header encapsulated in the packet and you use the option to look for a regular expression in the packet, then VideoSnarf will not like that. You should only see 802.1q VLAN header encapsulated packets when you are running a monitor span session on a Cisco IOS Ethernet switch and you use the "encapsulation replicate" keyword in the Monitor session source command.

    http://sourceforge.net/projects/videojak/files/
    link: VideoJaking: Hijaking IP Video calls

    by firebits
    Last edited by firebits; 09-11-2010 at 04:41 PM.

Similar Threads

  1. Fast Track no sessions
    By kicker7734 in forum Beginners Forum
    Replies: 3
    Last Post: 02-10-2010, 10:29 AM
  2. fast-track, never has sessions
    By Mr.Happy in forum Beginners Forum
    Replies: 2
    Last Post: 02-09-2010, 11:33 PM
  3. (aiuto) audio, video su backtrack4 pre final
    By xanders in forum Discussioni Generali
    Replies: 3
    Last Post: 09-14-2009, 07:37 PM
  4. Video and Audio
    By playtrack in forum OLD Newbie Area
    Replies: 1
    Last Post: 05-31-2009, 02:14 PM
  5. Can't Remember Quicktime Codecs...
    By Israel213 in forum OLD BackTrack 3 Final
    Replies: 3
    Last Post: 12-15-2008, 04:26 PM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •