Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Help identifying modem carriers

From: sophia2521 () supanet com
Date: Mon Dec 19 01:41:50 2005





Hi

I recently conducted a war dial as part of a penetration test of
a large companies phone range.

While I was able to identify most of the carriers found there are
a few I need help with, if any one can give me any idea what
these are, specific software/vendor/model details would be great.

Please reply directly and I will summarize to the list.


1)

The first simply asks for a password, it allows 4 tries, a
dictionary attack has so far been unsuccessful. Each character
typed echoes a '#', including the newline.



===== BEGIN LOG =====
CONNECT 2400/ARQ/LAPM/V42BIS

PASSWORD> #####
PASSWORD> ######
PASSWORD> #####
PASSWORD> ######
NO CARRIER

===== END LOG =====

The passwords tried in the example are root, guest, test and
admin.



2)

The second carrier appears to be a terminal server of some kind.
It offers a choice of either shell or ppp login. With the shell
login you get three tries and each character in the password 
echoes '*'



===== BEGIN LOG =====
CONNECT 26400
Enter "c" for Solo shell or "ppp" for PPP:c

solo login:root
password:****
solo login:guest
password:*****
solo login:admin
password:*****

NO CARRIER
===== END LOG =====



3)

The third carrier is a simple ']' password prompt. You get three
attempts until you are disconnected with what appears to be a
error code, or possibly a serial number. Again a direction attack
was unsuccessful.


===== BEGIN LOG =====
CONNECT 2400/ARQ/LAPM/V42BIS

]
]
]
0000004E0DD4
+++
===== END LOG =====



Signup to supanet at https://signup.supanet.com/cgi-bin/signup?_origin=sigwebmail




------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: