rtpinsertsound Usage Example
Insert an audio file (
/usr/share/rtpinsertsound/stapler.wav) through the network and use verbose output (
root@kali:~# rtpinsertsound /usr/share/rtpinsertsound/stapler.wav -v Targeting interface eth0 libfindrtp_find_rtp(): using pcap filter "ip".
Packages and Binaries:
A tool to insert audio into a specified audio (i.e. RTP) stream was created in the August - September 2006 timeframe. The tool is named rtpinsertsound. It was tested on a Linux Red Hat Fedora Core 4 platform (Pentium IV, 2.5 GHz), but it is expected this tool will successfully build and execute on a variety of Linux distributions.
How to install:
sudo apt install rtpinsertsound
root@kali:~# rtpinsertsound -h rtpinsertsound - Version 2.0 October 10, 2006 Usage: Mandatory - pathname of file whose audio is to be mixed into the targeted live audio stream. If the file extension is .wav, then the file must be a standard Microsoft RIFF formatted WAVE file meeting these constraints: 1) header 'chunks' must be in one of two sequences: RIFF, fmt, fact, data or RIFF, fmt, data 2) Compression Code = 1 (PCM/Uncompressed) 3) Number of Channels = 1 (mono) 4) Sample Rate (Hz) = 8000 5) Significant Bits/Sample = signed, linear 16-bit or unsigned, linear 8-bit If the file name does not specify a .wav extension, then the file is presumed to be a tcpdump formatted file with a sequence of, exclusively, G.711 u-law RTP/UDP/IP/ETHERNET messages Note: Yep, the format is referred to as 'tcpdump' even though this file must contain udp messages Optional - -a source RTP IPv4 addr -A source RTP port -b destination RTP IPv4 addr -B destination RTP port -f spoof factor - amount by which to: a) increment the RTP hdr sequence number obtained from the ith legitimate packet to produce the RTP hdr sequence number for the ith spoofed packet b) multiply the RTP payload length and add that product to the RTP hdr timestamp obtained from the ith legitimate packet to produce the RTP hdr timestamp for the ith spoofed packet c) increment the IP hdr ID number obtained from the ith legitimate packet to produce the IP hdr ID number for the ith spoofed packet [ range: +/- 1000, default: 2 ] -i interface (e.g. eth0) -j jitter factor - the reception of a legitimate RTP packet in the target audio stream enables the output of the next spoofed packet. This factor determines when that spoofed packet is actually transmitted. The factor relates how close to the next legitimate packet you'd actually like the enabled spoofed packet to be transmitted. For example, -j 10 means 10% of the codec's transmission interval. If the transmission interval = 20,000 usec (i.e. G.711), then delay the output of the spoofed RTP packet until the time-of-day is within 2000 usec (i.e. 10%) of the time the next legitimate RTP packet is expected. In other words, delay 100% minus the jitter factor, or 18,000 usec in this example. The smaller the jitter factor, the greater the risk you run of not outputting the current spoofed packet before the next legitimate RTP packet is received. Therefore, a factor > 10 is advised. [ range: 0 - 80, default: 80 = output spoof ASAP ] -p seconds to pause between setup and injection -h help - print this usage -v verbose output mode Note: If you are running the tool from a host with multiple ethernet interfaces which are up, be forewarned that the order those interfaces appear in your route table and the networks accessible from those interfaces might compel Linux to output spoofed audio packets to an interface different than the one stipulated by you on command line. This should not affect the tool unless those spoofed packets arrive back at the host through the interface you have specified on the command line (e.g. the interfaces have connectivity through a hub).
Updated on: 2023-Mar-08