UCSniff 3.0: Open Source VoIP & IP Video Sniffer

I read this CNET article headline with a bit of concern…

Demos to show spying on mobile IP calls

However, that concern was greatly reduced after I read this in the article: …listen to the conversation of someone talking on an iPhone over an unsecured wireless network. The exploit targets smartphones that are using the SIP (session initiation protocol) for VoIP. Yes, this is definitely a problem if you are using SIP to condut a VoIP session in an open public hotspot. But, quite frankly, would you really conduct a sensitive conversation somewhere where real live human beings are nearby and can hear what you say with their flesh and blood ears?

That said, UCSniff is an interesting and important development. It is also open source and available to anyone from SourceForge.net:

UCSniff ip video & voip sniffer

Here’s what its overview notes it is capable of:

– Allows targeting of VoIP Users based on Corporate Directory and/or extensions
– Support for automatically recording private IP video conversations
– Automatically re-creates and saves entire voice conversation to a single file that can be played back by media players
– Support for G.729, G.723, G.726, G.722, G.711 u-law, and G.711 a-law compression codecs
– Support for H.264 Video codec
– Automated VLAN Hop and VLAN Discovery support
– A UC Sniffer (VoIP and Video) combined with a MitM re-direction tool
– Monitor Mode
– Sniffs entire conversation if only one phone is in source VLAN
– Gratuitous ARP Disablment Bypass support
– TFTP MitM Modification of IP Phone features
– Realtime VoIP and Video Monitor