TIP OF THE DAY:
SIP useragent /Registrar uses digest authentication for SIP authentication. To prevent replay attacks SIP registrar generates an arbitrary number NONCE ( number once) and send to sip client. SIP client uses that NONCE to hash the sip credentials and send to registrar.
If you have packet capture and want to compare the hashed credentials in response header you can use this script . Change nonce ,authid,pwd,uri and realm values and run the script.
use Digest::MD5 qw(md5_hex);
$authid = ‘test’;
$pwd = ‘1234’;
$realm = ‘asterisk’;
$method = ‘REGISTER’;
$uri = ‘sip:sip.test.com’;
$nonce = ‘035cf70b1c4fcf4731150330410151743443’;
$a1 = md5_hex(“$authid:$realm:$pwd”);
$a2 = md5_hex(“$method:$uri”);
print md5_hex(“$a1:$nonce:$a2”), “\n”;