Penetration Testing mailing list archives
Re: Bypass grub edit protection password
From: Juan Pablo <juan.quine () gmail com>
Date: Fri, 10 Feb 2012 10:40:40 -0500
What have you found on the Ethernet ports? Anything usable? Maybe a web interface; it could have some bugs and you could enter through there. Or try to analyze each port independently: first identify what protocol is working on each one, then organize yourself to try each port as an independent machine. Did you get the manuals, or do you have access to them? What sort of mechanisms does it use to configure or set up the equipment?

Don't think of it as a one-bug-to-root thing; you have to work in stages. First identify everything you got from the box, what it is for, what services it uses, and search for many fabric or support manuals (if there are some). From that, search for each way the equipment has to set up or configure, and search for any possibility to alter something there. Any default or rescue thing could give you default password access.

Then go for serial: see what you can get, and what you can give to the box, in order to get something there. Have you tried executing grub commands manually? That way you could get some different access via grub (see the grub documentation; there are some commands that might be useful).

Then go to each port and try brute force wherever you can, maybe with a customized script. But I start on the web interfaces; there is always some mini bug that could be useful. Spider the site, try a guest user if not a better one, at least to get more information about files or services, and with luck some injection. And continue working with each service. If nothing works, start fuzzing each service, and go search for some 0-day bug.

I have no more ideas at the moment. I hope that will help.

Juan Pablo.

On Thu, Feb 9, 2012 at 6:08 PM, Carlos Pantelides <carlos_pantelides () yahoo com> wrote:
> Have you access to any other account? Is there any network service running?
>
> Being CentOS 4.1 (2005-Oct-21 says the mirror), if it is unpatched perhaps you can find a vulnerability and gain more access.
>
> nmap it. Is sshd running? Try 500 most common passwords. Do you have time? Try a bigger dictionary.
>
> Carlos Pantelides
> -----------------
> http://seguridad-agile.blogspot.com/
>
> ------------------------------------------------------------------------
> This list is sponsored by: Information Assurance Certification Review Board
>
> Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
>
> http://www.iacertification.org
> ------------------------------------------------------------------------
--
===============================================
|_|0|_| Ing Juan Quiñe, CISSP, OSCP, GISP, ISO 27001 LA, Cobit-F.
|_|_|0| visit: http://hackspy.blogspot.com/
|0|0|0| a.k.a. HaCKsPy - from Security Wari Projects, now PeruSEC

"... hacking is a way to live your life, not a day job or semi-ordered list of instructions found in a thick book ..." Anthony Bunyan

"... Live your life as if you will die tomorrow but learn as if you will live forever ..." Mahatma Gandhi

"... Breaking a security system brings you as close to being hackers as starting cars by hot-wiring them makes you automotive engineers ..."

"... Nothing is so important, nor so urgent, that it cannot be done safely ..."