Penetration Testing mailing list archives
Re: Serial Connection Password Cracker.
From: Philip Markwalder <philip.markwalder () celeris ch>
Date: Thu, 16 May 2002 10:42:55 +0200
Hi There is also a non-commercial solution: http://ser2net.sourceforge.net/ bye Philip Greg wrote:
Software such as the following will let you to TCP 'connections' to a serial port. http://www.tglmicro.com/Inet2Com.htm This is a tcp socket server that redirects all I/O to a serial port. It's commerical, however there is a 30-day eval.-----Original Message----- From: Lists [mailto:fw1-list () ip9 co uk] Sent: 13 May 2002 22:56 To: pen-test () securityfocus com; CMichal () oracular com Subject: Re: Serial Connection Password Cracker. If you could somehow get it attached to the network (e.g. use nc to connect the serial port to a listening "socket") you could then try something like brutus (http://www.hoobie.net/brutus/) and a word list, i think LC3 (http://www.atstake.com) had a nice one. I had to do something similar once, and i used a linux console server program to allow me to "telnet" to the serial port, you might even be able to fudge something together with a copy of minicom if you have a linux box to hand - then just point brutus at it. ----- Original Message ----- From: <CMichal () oracular com> To: <pen-test () securityfocus com> Sent: Monday, May 13, 2002 7:24 PM Subject: Serial Connection Password Cracker.I'm looking for a program that can do a dictionary based attack on a device that is connected to a laptop via com port, serial port. Its a piece of hardware that has no lockout after successive bad passwords and there is no delay between try's. If there isn't a cracking program out there with this capability I guess I will have to write some software that will do it. Its a Panasonic KX-TVS75 phone system to be exact, I have the piece of hardware in my possession but I forgot the console password. -C-------------------------------------------------------------------------- --This list is provided by the SecurityFocus Security Intelligence Alert(SIA)Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities pleasesee:https://alerts.securityfocus.com/------------------------------------------------------------------ ---------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
-- Philip Markwalder -- Celeris AG http://www.celeris.ch/ Studbachstrasse 13b Phone: +41 1 938 5720 CH-8340 Hinwil Fax: +41 1 938 5721
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
Current thread:
- Serial Connection Password Cracker. CMichal (May 13)
- Re: Serial Connection Password Cracker. Lists (May 14)
- RE: Serial Connection Password Cracker. Greg (May 15)
- Re: Serial Connection Password Cracker. Philip Markwalder (May 16)
- RE: Serial Connection Password Cracker. Greg (May 15)
- Re: Serial Connection Password Cracker. Lists (May 14)