Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2964
Views
115
Helpful
4
Replies

SIP digest auth calculator

Oleg Volkov
Spotlight
Spotlight

‎02-01-2021 03:43 AM

Hello!

I need to check some client for correct auth.

I make small tools for it:

https://github.com/OlegPowerC/SIPdigestCalculator

Usage:

SIPdigestcalculator.exe -u username -r realm -p password -n nonce -uri SIP URI
or
SIPdigestcalculator.exe -u username -r realm -p password -n nonce -cn client nonce -nc nonce count -uri SIP URI

 

for examle in my lab:

REGISTER sip:192.168.55.167:5060 SIP/2.0
Via: SIP/2.0/UDP 192.168.55.166:5060;branch=z9hG4bK20D124F
From: <sip:007862@192.168.55.167>;tag=2D3108C-F41
To: <sip:007862@192.168.55.167>
Date: Mon, 01 Feb 2021 11:21:42 GMT
Call-ID: 8E725EBC-63B311EB-830D9A18-B30DA702
User-Agent: Cisco-SIPGateway/IOS-12.x
Max-Forwards: 70
Timestamp: 1612178502
CSeq: 15 REGISTER
Contact: <sip:007862@192.168.55.166:5060>
Expires: 3600
Authorization: Digest username="007862",realm="asterisk",uri="sip:192.168.55.167:5060"
RTR01#,response="611d34af182ff56ffec67a04ce8561e5",nonce="1612176383/ac153881bb7f5c7fafe2179aa4ed5617",opaque="2c3ad55e0cf9fae1",cnonce="CC77FDAA",qop=auth,algorithm=md5,nc=00000001
Content-Length: 0

 

I can check it by my tool like this:

SIPDigestCalculator.exe -u 007862 -r asterisk -p 1q2w3e -n 1612176383/ac153881bb7f5c7fafe2179aa4ed5617 -uri sip:192.168.55.167:5060 -cn CC77FDAA -nc 00000001

 

 

result:

A1: 007862:asterisk:1q2w3e
HA1: 64e5dd333209a9af67ec11d61b3c6479
A2: REGISTER:sip:192.168.55.167:5060
HA2: 7df6ad58ee02df3e342fe72722bd624c
Response: 611d34af182ff56ffec67a04ce8561e5

--------------------------------------------------------------------------

Helping seriously ill children, all together. All information about this, is posted on my blog
Labels:
4 Replies 4

Daniel Mordukhov
Level 1
Level 1

‎02-28-2022 05:03 PM

Hey, a really nice tool. Would have been nice to choose a method like INVITE instead of REGISTER.

b.winter
VIP
VIP
In response to Daniel Mordukhov

‎02-28-2022 10:51 PM

Hi @Oleg Volkov;

nice tool.

 

@Daniel Mordukhov: Why do you think, you need to choose the SIP message? The algorithm used for authentication is the same

daniel.mordukhov
Level 1
Level 1
In response to b.winter

‎03-02-2022 03:18 AM - edited ‎03-02-2022 03:19 AM

This app only calculates the MD5 hash of the REGISTER SIP packet. I had a situation where i needed to calculate the MD5 hash value of the INVITE packet. I used the below formula

 

HA1=MD5(username:realm:password)
HA2=MD5(method:digestURI)

response = (HA1:nonce:nonceCount:cnonce:qop:HA2)

 

 

As you see to calculate hash to I needed to use INVITE as a method. I'm sure it is just another variable to add to the app.

b.winter
VIP
VIP
In response to daniel.mordukhov

‎03-02-2022 04:03 AM

Yes, you are correct. My bad.

Wasn't reading my own notes carefully enough.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents