"None of this seems to have any entropy. Which means it's vulnerable to replay attacks, just as the article states."
No. Since the nonce value is unique for each request, if you just try to replay the PBX will reject your packet requesting a new authentication with a different nonce.
Tobias Glemser
No. Since the nonce value is unique for each request, if you just try to replay the PBX will reject your packet requesting a new authentication with a different nonce.
So replay w...
[ more ]