I am trying to attack to my Asterisk SVN-branch-1.8-r360138 with enabled SRTP and TLS with any kind of possible software.
I found some in Backtrack 5 software editions, but only few info can take some kind of info from the Asterisk PBX server and the rest evesdroping tools of course cannot be applied when TLS is present.
Searching i found out about the TLS renegotiation attack or TLS MitM attack.
some of the sites about this matter are:
educatedguesswork.org/2009/1 … egoti.html
sslshopper.com/article-ssl-a … vered.html
Is that vulnerability also existing in asterisk PBX Server with SIP over TLS enable?? And if yes is there any tool-exploit available so that we can test our implementation against this kind of attack?
Any info will be highly esteemed!