2018/11/15
rtpbreak|PenetrationTestingTools
rtpbreak
February 18, 2014
Sniffing/Spoofing
rtpbreak Package Description
With rtpbreak you can detect, reconstruct and analyze any RTP session. It doesn’t require the presence of RTCP
packets and works independently from the signaling protocol in use (SIP, H.323, SCCP, …). The input is a sequence of
packets, the output is a set of files you can use as input for other tools (wireshark/tshark, sox, grep/awk/cut/cat/sed,
…). It also supports wireless (AP_DLT_IEEE802_11) networks.
reconstruct any RTP stream with an unknown or unsupported signaling protocol
reconstruct any RTP stream in wireless networks, while doing channel hopping (VoIP activity detector)
reconstruct and decode any RTP stream in batch mode (with sox, asterisk, …)
reconstruct any already existing RTP stream
reorder the packets of any RTP stream for later analysis (with tshark, wireshark, …)
build a tiny wireless VoIP tapping system in a single chip Linux unit
build a complete VoIP tapping system (rtpbreak would be just the RTP dissector module!)
Source: rtpbreak Documentation
rtpbreak Homepage | Kali rtpbreak Repo
Author: Dallachiesa Michele
License: GPLv2
Tools included in the rtpbreak package
rtpbreak – Detects, reconstructs, and analyzes RTP sessions
root@kali:~# rtpbreak -h
Copyright (c) 2007-2008 Dallachiesa Michele
rtpbreak v1.3a is free software, covered by the GNU General Public License.
USAGE: rtpbreak (-r|-i) [options]
INPUT
  -r            Read packets from pcap file
  -i            Read packets from network interface
  -L            Force datalink header length == bytes
https://tools.kali.org/sniffingspoofing/rtpbreak
OUTPUT
  -d            Set output directory to (def:.)
  -w            Disable RTP raw dumps
  -W            Disable RTP pcap dumps
  -g            Fill gaps in RTP raw dumps (caused by lost packets)
  -n            Dump noise packets
  -f            Disable stdout logging
  -F            Enable syslog logging
  -v            Be verbose
SELECT
  -m            Sniff packets in promisc mode
  -p            Add pcap filter
  -e            Expect even destination UDP port
  -u            Expect unprivileged source/destination UDP ports (>1024)
  -y            Expect RTP payload type ==
  -l            Expect RTP payload length == bytes
  -t <float>    Set packet timeout to <float> seconds (def:10.00)
  -T <float>    Set pattern timeout to <float> seconds (def:0.25)
  -P            Set pattern packets count to (def:5)
EXECUTION
  -Z            Run as user
  -D            Run in background (option -f implicit)
MISC
  -k            List known RTP payload types
  -h            This
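The SELECT options above describe detection that needs no signaling: filter on ports and payload type, then accept a flow once a pattern of packets arrives within a timeout. The Python example below is added here to illustrate that idea and is not rtpbreak's own code; the function names, the reading of the pattern timeout as the maximum gap between consecutive packets, and the sample packets are assumptions made for the example.

```python
import struct

def parse_rtp(payload):
    """Return (payload_type, seq, ssrc) for a plausible RTP v2 header, else None."""
    if len(payload) < 12:
        return None
    b0, b1, seq, _ts, ssrc = struct.unpack("!BBHII", payload[:12])
    if b0 >> 6 != 2 or len(payload) < 12 + 4 * (b0 & 0x0F):  # version bits, CSRC list
        return None
    return b1 & 0x7F, seq, ssrc

def detect_streams(packets, count=5, timeout=0.25, even_dport=False,
                   unprivileged=False, payload_type=None):
    """packets: (time, src, sport, dst, dport, udp_payload) tuples in capture order.
    A flow is accepted after `count` packets with one SSRC and consecutive
    sequence numbers, each within `timeout` seconds of the previous one."""
    runs, found = {}, set()
    for ts, src, sport, dst, dport, payload in packets:
        if even_dport and dport % 2:
            continue
        if unprivileged and (sport <= 1024 or dport <= 1024):
            continue
        hdr = parse_rtp(payload)
        if hdr is None or (payload_type is not None and hdr[0] != payload_type):
            continue
        _pt, seq, ssrc = hdr
        key = (src, sport, dst, dport, ssrc)
        last_ts, last_seq, n = runs.get(key, (None, None, 0))
        in_run = n and ts - last_ts <= timeout and seq == (last_seq + 1) & 0xFFFF
        n = n + 1 if in_run else 1
        runs[key] = (ts, seq, n)
        if n >= count:
            found.add(key)
    return found

def rtp(seq, ssrc, pt=0):
    """Constructed test packet: 12-byte RTP header plus 160 zero bytes of payload."""
    return struct.pack("!BBHII", 0x80, pt, seq & 0xFFFF, (seq * 160) & 0xFFFFFFFF, ssrc) + bytes(160)

# Constructed sample capture (documentation addresses, no real traffic).
A, B = "192.0.2.10", "192.0.2.20"
SAMPLE = [(i * 0.02, A, 16384, B, 16386, rtp(65533 + i, 0x1234ABCD)) for i in range(6)]  # wraps seq
SAMPLE += [(0.01, A, 40000, B, 53, b"\x81\x80" + bytes(30))]  # version bits match, no pattern
SAMPLE += [(i * 0.02, B, 5000, A, 5001, rtp(i * 7, 0x99)) for i in range(6)]  # seq not consecutive
SAMPLE += [(i * 1.0, B, 6000, A, 6002, rtp(i, 0x55)) for i in range(6)]  # gaps exceed the timeout
SAMPLE.sort(key=lambda p: p[0])

if __name__ == "__main__":
    for flow in sorted(detect_streams(SAMPLE)):
        print("RTP stream:", flow)
```

A single packet whose first two bits happen to equal RTP version 2 is not enough to accept a flow, which is why the pattern count and pattern timeout matter for keeping noise out of the results.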
rtpbreak Usage Example
Analyze RTP traffic using interface eth0 (-i eth0), fill in gaps (-g), sniff in promiscuous mode (-m), and save to the given
directory (-d rtplog):
root@kali:~# rtpbreak -i eth0 -g -m -d rtplog
+ rtpbreak v1.3a running here!
+ pid: 10951, date/time: 17/05/2014#13:40:02
+ Configuration
+ INPUT
Packet source: iface 'eth0'
Force datalink header length: disabled
+ OUTPUT
Output directory: 'rtplog'
RTP raw dumps: enabled
RTP pcap dumps: enabled
Fill gaps: enabled
Dump noise: disabled
Log file: 'rtplog/rtp.0.txt'
Logging to stdout: enabled
Logging to syslog: disabled
Be verbose: disabled
+ SELECT
Sniff packets in promisc mode: enabled
Add pcap filter: disabled
Expecting even destination UDP port: disabled
Expecting unprivileged source/destination UDP ports: disabled
Expecting RTP payload type: any
Expecting RTP payload length: any
Packet timeout: 10.00 seconds
Pattern timeout: 0.25 seconds
Pattern packets: 5
+ EXECUTION
Running as user/group: root/root
Running daemonized: disabled
* You can dump stats sending me a SIGUSR2 signal
* Reading packets...