[Freeswitch-users] [Security Issue][Need urgent comment]

Bilal Abbasi bilaln018 at gmail.com
Fri Jan 26 19:35:55 UTC 2018


Brain,
Thanks a lot, it was exactly as you said. I was in fact even wondering
why a call on the internal SIP profile goes to the public context; anyway, it's
clear now.
Thank you everyone for such quick responses, highly appreciated.

Regards
Abbasi

On Sat, 27 Jan 2018 at 12:20 AM, Abaci B <abaci64 at gmail.com> wrote:

> Are you by chance using xml_curl or some other dynamic method to generate
> the users?
>
> On Fri, Jan 26, 2018 at 2:14 PM, Bilal Abbasi <bilaln018 at gmail.com> wrote:
>
>> "default" is the ONLY user that gets registered with any password (I tried
>> from my own softphone); if I try any valid user like 1000 or 1001, I am not
>> able to register.
>>
>> On Sat, Jan 27, 2018 at 12:08 AM, Bilal Abbasi <bilaln018 at gmail.com>
>> wrote:
>>
>>> Here is the sngrep screenshot. I guess if I did the blind accept, it
>>> should not reply back with 401 (just an assumption).
>>>
>>> On Sat, Jan 27, 2018 at 12:03 AM, Bilal Abbasi <bilaln018 at gmail.com>
>>> wrote:
>>>
>>>> Yes, it's challenging auth, and after auth, whatever password is
>>>> configured on the softphone, it sends 200 OK.
>>>> And I have
>>>>  <param name="accept-blind-reg" value="false"/>
>>>>
>>>> On Sat, Jan 27, 2018 at 12:00 AM, Michael Jerris <mike at jerris.com>
>>>> wrote:
>>>>
>>>>> Is it challenging for auth or no? Maybe you have blind reg turned on?
>>>>>
>>>>> On Jan 26, 2018, at 1:41 PM, Bilal Abbasi <bilaln018 at gmail.com> wrote:
>>>>>
>>>>> Hi Users,
>>>>> I am using FreeSWITCH Version 1.6.19 git c540248.
>>>>> Today I noticed a very weird issue: I am getting an attack on one
>>>>> of my dev servers, and somebody is trying to make calls out of the box.
>>>>> And he is able to register the phone via the "default" username (checked via
>>>>> sngrep). I am using a complex password and there is NO USER with the name
>>>>> "DEFAULT" on my switch.
>>>>> I tried to register the default user with any random password and it
>>>>> allowed me to register on my softphone.
>>>>> I am really worried, and I can't believe that it's something at the FS end.
>>>>> I am sure it's some mistake; can somebody help me out, please?
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> _________________________________________________________________________
>>>>> Professional FreeSWITCH Consulting Services:
>>>>> consulting at freeswitch.org
>>>>> http://www.freeswitchsolutions.com
>>>>>
>>>>> Official FreeSWITCH Sites
>>>>> http://www.freeswitch.org
>>>>> http://confluence.freeswitch.org
>>>>> http://www.cluecon.com
>>>>>
>>>>> FreeSWITCH-users mailing list
>>>>> FreeSWITCH-users at lists.freeswitch.org
>>>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>>> UNSUBSCRIBE:
>>>>> http://lists.freeswitch.org/mailman/options/freeswitch-users
>>>>> http://www.freeswitch.org
>>>>>
>>>>
>>>>
>>>
>>
>