Allows targeting of VoIP Users based on Corporate Directory and/or extensions

Automatically re-creates and saves entire voice conversations to a single file that can be played back by media players

Support for G.722 and G.711 u-law compression codecs

Automated VLAN Hop and Discovery support

A VoIP Sniffer combined with a MitM re-direction tool

Monitor Mode

UCSniff will run in either Monitor mode (passive eavesdropping) or in man-in-the-Middle mode where ARP-poisoning is used to spoof all service addressing.

VoIP installations running on Cisco IP Phones run a corporate directory, permitting UCSniff to monitor and track calls either by MAC address, IP address of user name.

Two additional tools are available with UCSniff – ACE permits the rapid reading (and storage) of the Cisco telephone directory and ARPsaver will re-establish the correct ARP settings in the event of an unexpected crash.

UCSniff is released under the GPLv3 licence and may be freely downloaded here.  Jason Ostrom and Arjun Sambamoorthy, principal developers at Sipera VIPER Lab recommend running UCSniff on BackTrack Linux and note that future versions will support Windows and also H.264 Video capture.

As always, they insist that you only run this tool on a network where you have permission to do so, purely for research purposes, of course.  UCSniff is intended to “help understand the risk of VoIP Eavesdropping so that security in the VoIP Infrastructure and applications can be improved to a level of acceptable risk.”

Have fun!