Hacking Phone Calls with Kali Linux and Wireshark (MITM / VoIP replay)
In this video I show you have to capture VoIP (Voice over IP) phone calls and replay them. We'll capture both the SIP messages and the actual RTP and replay it.
I'll show you multiple ways of doing this including:
* using a Network Tap
* ARP Poisoning Man in Middle attack
* even using a Hub
Be careful if you are using a PBX and SIP phones - are the calls actually encrypted? Are you using SSL and SRTP? FreePBX in this example doesn't do that.
Disclaimer: I gave myself permission to capture and replay my own phone calls. Only ever capture and replay calls you have permission to.
// David's SOCIAL //
Discord: https://discord.com/invite/usKSyzb
X: https://www.twitter.com/davidbombal
Instagram: https://www.instagram.com/davidbombal
LinkedIn: https://www.linkedin.com/in/davidbombal
Facebook: https://www.facebook.com/davidbombal.co
TikTok: http://tiktok.com/@davidbombal
YouTube: https://www.youtube.com/@davidbombal
Spotify: https://open.spotify.com/show/3f6k6gERfuriI96efWWLQQ
SoundCloud: https://soundcloud.com/davidbombal
Apple Podcast: https://podcasts.apple.com/us/podcast/david-bombal/id1466865532
// MY STUFF //
https://www.amazon.com/shop/davidbombal
// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com
0:00 - Capturing calls with Wireshark
0:26 - Using FreePBX to make calls
01:07 - How to capture calls with a Network TAP
06:45 - Monitoring calls in Wireshark
09:12 - ARP Poisoning to capture calls
12:55 - Capturing calls with a Hub
16:10 - FreePBX calls are not encrypted
17:30 - Conclusion
This proves how insecure plain VoIP can be.
Hacking VoIP shows how deep networking really goes.
It feels like being a digital spy.
Capture RTP packets with Wireshark
Filter traffic using port 5060 (SIP) and UDP (RTP).
Wireshark captures and analyzes SIP, SDP, and RTP protocols in real-time.
Kali Linux includes tools for VoIP analysis and attacks.
Wireshark captures VoIP traffic for inspection.
SIP packets reveal call metadata and credentials.
Man-in-the-middle attacks capture VoIP conversations.
Ettercap helps intercept VoIP traffic.
Unencrypted VoIP is vulnerable to eavesdropping.
Ettercap man in the middle attack
Ettercap ARP poisoning attack
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
Disclaimer: This video is for educational purposes only.
#voip #wireshark #sip
I'll show you multiple ways of doing this including:
* using a Network Tap
* ARP Poisoning Man in Middle attack
* even using a Hub
Be careful if you are using a PBX and SIP phones - are the calls actually encrypted? Are you using SSL and SRTP? FreePBX in this example doesn't do that.
Disclaimer: I gave myself permission to capture and replay my own phone calls. Only ever capture and replay calls you have permission to.
// David's SOCIAL //
Discord: https://discord.com/invite/usKSyzb
X: https://www.twitter.com/davidbombal
Instagram: https://www.instagram.com/davidbombal
LinkedIn: https://www.linkedin.com/in/davidbombal
Facebook: https://www.facebook.com/davidbombal.co
TikTok: http://tiktok.com/@davidbombal
YouTube: https://www.youtube.com/@davidbombal
Spotify: https://open.spotify.com/show/3f6k6gERfuriI96efWWLQQ
SoundCloud: https://soundcloud.com/davidbombal
Apple Podcast: https://podcasts.apple.com/us/podcast/david-bombal/id1466865532
// MY STUFF //
https://www.amazon.com/shop/davidbombal
// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com
0:00 - Capturing calls with Wireshark
0:26 - Using FreePBX to make calls
01:07 - How to capture calls with a Network TAP
06:45 - Monitoring calls in Wireshark
09:12 - ARP Poisoning to capture calls
12:55 - Capturing calls with a Hub
16:10 - FreePBX calls are not encrypted
17:30 - Conclusion
This proves how insecure plain VoIP can be.
Hacking VoIP shows how deep networking really goes.
It feels like being a digital spy.
Capture RTP packets with Wireshark
Filter traffic using port 5060 (SIP) and UDP (RTP).
Wireshark captures and analyzes SIP, SDP, and RTP protocols in real-time.
Kali Linux includes tools for VoIP analysis and attacks.
Wireshark captures VoIP traffic for inspection.
SIP packets reveal call metadata and credentials.
Man-in-the-middle attacks capture VoIP conversations.
Ettercap helps intercept VoIP traffic.
Unencrypted VoIP is vulnerable to eavesdropping.
Ettercap man in the middle attack
Ettercap ARP poisoning attack
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
Disclaimer: This video is for educational purposes only.
#voip #wireshark #sip
David Bombal
Want to learn about IT? Want to get ahead in your career? Well, this is the right place!
On this channel, I discuss Linux, Python, Ethical Hacking, Networking, CCNA, Virtualization and other IT related topics.
This YouTube channel has new videos upload...