Help identifying system
Sorry if this post is off topic.
I recently conducted a war dial as part a security audit of
modems connected to our companies telephone lines.
While I was able to identify most of the systems found there
are a few I need help with. It has been suggested that these
may be some kind of alarm system.
If anyone recognises any of these or can give me any idea what
they are, I'd be very grateful. Specific software/vendor/model
details would be great.
Thanks in advance
1)
The first simply asks for a password, it allows 4 tries,
Each character typed echoes a '#', including the newline.
===== BEGIN LOG =====
CONNECT 2400
PASSWORD> #####
PASSWORD> ######
PASSWORD> #####
PASSWORD> ######
NO CARRIER
===== END LOG =====
The passwords tried in the example are root, guest, test and
admin.
2)
The second system is a simple ']' password prompt. You get
hree attempts until you are disconnected with what appears to
be a error code, or possibly a serial number.
===== BEGIN LOG =====
CONNECT 2400
]
]
]
0000004E0DD4
+++
===== END LOG =====
3)
The third system asks for a passcode and echos '*' for every
character entered, including the new line.
===== BEGIN LOG =====
CONNECT 28800
Enter PassCode ******
Access Denied
Enter PassCode *****
Access Denied
Enter PassCode ****
NO CARRIER
===== END LOG =====
The passwords tried in the example are guest,test and admin.
date: 3 Jan 2006 18:25:51 -0800
author: unknown
|
Re: Help identifying system
Sorry I don't recognize those specific prompts, but may I ask:
1) If you work for the company, why not just visit the extension and
see what is connected? Or is this a "zero knowledge" audit?
2) Another approach would be to find out what companies are likely to
have supplied such equipment, and work backwards by referring to
technical manuals from items supplied by those companies, e.g., a good
guess might be a PBX -- so start searching PBX manuals from common
suppliers in your area.
3) A third approach would be to add a tap to the line, then publish the
number and see what the "black hats" can teach you about exploiting any
known weaknesses.
I'd better add a smiley to item (3) or my CISSP might be revoked... :-)
--
cheers
Paul Gillingwater
date: 4 Jan 2006 04:52:11 -0800
author: Paul Gillingwater
|
