Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Python script to calculate SIP REGISTER Digest authentication (in order to check password validity)
from md5 import md5
# header from 401 response on REGISTER
# Authorization: Digest username="883140776410950", realm="gw_youmagic", algorithm=MD5, uri="sip:GW_Youmagic", nonce="1476157437:0a1418a40f8ee1c9a55f1587ab931c14", response="3ff479ccc24874f66aae45dac889d099"
login = '883140776410950'
uri = 'sip:GW_Youmagic'
nonce = '1476157437:0a1418a40f8ee1c9a55f1587ab931c14'
realm = 'gw_youmagic'
password = '----------'
str1 = md5("{}:{}:{}".format(login,realm,password)).hexdigest()
str2 = md5("REGISTER:{}".format(uri)).hexdigest()
str3 = md5("{}:{}:{}".format(str1,nonce,str2)).hexdigest()
print str3
@gil-obradors
Copy link

gil-obradors commented Apr 17, 2019

#Upgraded python 3.6
from hashlib import md5

# header from 401 response on REGISTER
# Authorization: Digest username="883140776410950", realm="gw_youmagic", algorithm=MD5, uri="sip:GW_Youmagic", nonce="1476157437:0a1418a40f8ee1c9a55f1587ab931c14", response="3ff479ccc24874f66aae45dac889d099"

login = str('883140776410950')
uri = str('sip:GW_Youmagic')
nonce = str('1476157437:0a1418a40f8ee1c9a55f1587ab931c14')
realm = str('gw_youmagic')
password = str('----------')

str1 = md5("{}:{}:{}".format(login,realm,password).encode('utf-8')).hexdigest()
str2 = md5("REGISTER:{}".format(uri).encode('utf-8')).hexdigest()
str3 = md5("{}:{}:{}".format(str1,nonce,str2).encode('utf-8')).hexdigest()
print(str3)

@beneditomarques
Copy link

beneditomarques commented Nov 13, 2021

How can I calculate this, when the authenticate header comes with "qop", "cnonce", "opaque" and "nc" parameters? applying this scripts in this kind of headers, the response is not correct.

@ca4ti
Copy link

ca4ti commented Dec 10, 2021

have this version is 100% effective : https://github.com/OlegPowerC/SIPdigestCalculator

@62mkv , is it possible to expand the code with these differences?

@62mkv
Copy link
Author

62mkv commented Dec 10, 2021

I have no idea :) this is something I've put here for myself as a quick hack to validate signature and probably only ever used once. feel free to expand as you wish

@ca4ti
Copy link

ca4ti commented Dec 10, 2021

I check using asterisk and this i inform is 100% ok (your no have match), If you have time, try to include on your code.

Thanks your code and your time !

Congrats !!!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment