Penetration Testing mailing list archives

RE: FW: RE Modem identification

From: Stephan Barnes <stephan.barnes () foundstone com>
Date: Tue, 25 Sep 2001 06:31:53 -0700

Great question.

Many times Tone-LOC gets cleaner banners because it has an option
to strip the parity bit (if you want it to).

Run TLCFG.exe and check under Scan Options the Parity Stripping Option.  

In your case im not sure how you address connection issues but your
answer is in how you hanlde parity once connected.

Stephan Barnes 
stephan.barnes () foundstone com
http://www.m4phr1k.com
 
***************************************
This email may contain confidential and privileged material for the sole use
of the 
intended recipient. Any review or distribution by others is strictly
prohibited. 
If you are not the intended recipient please contact the sender and delete
all copies. 
Thank You.
***************************************




-----Original Message-----
From: Dawes, Rogan (ZA - Johannesburg) [mailto:rdawes () deloitte co za] 
Sent: Tuesday, September 25, 2001 1:01 AM
To: 'Bikar Dude'; Stephan Barnes
Cc: 'pen-test () securityfocus com'
Subject: RE: FW: RE Modem identification


Does anyone know how Tone-LOC did automatic Parity conversion?

I started writing a War Dialler in Perl for Unix/Linux that would simply
take a list of numbers and dial them, recording the banners, and doing a bit
of prompting to stimulate banners if none were forthcoming. But one of the
things that I have no idea how to do is the "Automatic Parity conversion"
that Tone-LOC did, when connecting to a different parity modem.

Does anyone have any ideas?

Re the prompting, one of the most common "Silent" modems seems to be Windows
NT RAS. This sits there until you give it a particular string.  I am
intending to capture the initial string using PortMon, and replay it blindly
whenever I get no initial characters. That should help identify a number of
systems, I think.

Rogan

-----Original Message-----
From: Bikar Dude [mailto:bika () nuclear biodome org]
Sent: 23 September 2001 12:18
To: Stephan Barnes
Cc: 'pen-test () securityfocus com'
Subject: Re: FW: RE Modem identification


//* ObHacker: Pick any 6 unix utilities and write a complete war-dialer.
ObHacker++: Try to reduce the total number of letters in the 6 commands 
ObHacker++to
less than 20. *//

-b


----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Current thread:

RE Modem identification Nate . King (Sep 21)
- <Possible follow-ups>
- FW: RE Modem identification Stephan Barnes (Sep 22)
  - Re: FW: RE Modem identification Bikar Dude (Sep 23)
- RE: FW: RE Modem identification Stephan Barnes (Sep 25)
- RE: FW: RE Modem identification Dawes, Rogan (ZA - Johannesburg) (Sep 25)
  - Re: FW: RE Modem identification olle (Sep 26)
  - Re: FW: RE Modem identification Pawel Krawczyk (Sep 26)