RE: Serial Connection Password Cracker.

From: Greg (greg@hoobie.net)
Date: 05/14/02


From: "Greg" <greg@hoobie.net>
To: "Lists" <fw1-list@ip9.co.uk>, <pen-test@securityfocus.com>, <CMichal@oracular.com>
Date: Tue, 14 May 2002 20:18:34 +0100

Software such as the following will let you to TCP 'connections' to a serial
port.

http://www.tglmicro.com/Inet2Com.htm

This is a tcp socket server that redirects all I/O to a serial port. It's
commerical, however there is a 30-day eval.

> -----Original Message-----
> From: Lists [mailto:fw1-list@ip9.co.uk]
> Sent: 13 May 2002 22:56
> To: pen-test@securityfocus.com; CMichal@oracular.com
> Subject: Re: Serial Connection Password Cracker.
>
>
> If you could somehow get it attached to the network (e.g. use nc
> to connect
> the serial port to a listening "socket") you could then try something like
> brutus (http://www.hoobie.net/brutus/) and a word list, i think LC3
> (http://www.atstake.com) had a nice one. I had to do something
> similar once,
> and i used a linux console server program to allow me to "telnet" to the
> serial port, you might even be able to fudge something together
> with a copy
> of minicom if you have a linux box to hand - then just point brutus at it.
>
>
> ----- Original Message -----
> From: <CMichal@oracular.com>
> To: <pen-test@securityfocus.com>
> Sent: Monday, May 13, 2002 7:24 PM
> Subject: Serial Connection Password Cracker.
>
>
> > I'm looking for a program that can do a dictionary based attack on a
> > device that is connected to a laptop via com port, serial port.
> > Its a piece of hardware that has no lockout after successive bad
> > passwords and there is no delay between try's.
> > If there isn't a cracking program out there with this capability I guess
> > I will have to write some software that will do it.
> >
> > Its a Panasonic KX-TVS75 phone system to be exact, I have the piece of
> > hardware in my possession but I forgot the console password.
> >
> > -C
> >
> >
> >
> --------------------------------------------------------------------------
> --
> > This list is provided by the SecurityFocus Security Intelligence Alert
> (SIA)
> > Service. For more information on SecurityFocus' SIA service which
> > automatically alerts you to the latest security vulnerabilities please
> see:
> > https://alerts.securityfocus.com/
> >
> >
>
>
> ------------------------------------------------------------------
> ----------
> This list is provided by the SecurityFocus Security Intelligence
> Alert (SIA)
> Service. For more information on SecurityFocus' SIA service which
> automatically alerts you to the latest security vulnerabilities
> please see:
> https://alerts.securityfocus.com/
>

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/



Relevant Pages

  • Re: command-line reverse connection tunnel?
    ... I wrote a suite of Tcl scripts to accomplish this goal a few years ago, it has been listed on SecurityFocus for a long time as reverseutils. ... >have a machine behind a firewall that lets in only port 80, ... I need a program on SERVER1 that creates a connection to ... and SERVER1 needs to connect to itself on port 3389. ...
    (Pen-Test)
  • command-line reverse connection tunnel?
    ... have a machine behind a firewall that lets in only port 80, ... I need a program on SERVER1 that creates a connection to ... and SERVER1 needs to connect to itself on port 3389. ... This list is provided by the SecurityFocus Security Intelligence Alert ...
    (Pen-Test)
  • Re: Identify OS?
    ... The first thing that struck me was port 6112/dtspc. ... This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ... This list is provided by the SecurityFocus Security Intelligence Alert ...
    (Pen-Test)
  • RE: Digital UNIX 5.60 recourses
    ... Find out what is running on what port (use of netcat, nmap, ... >> Subject: Digital UNIX 5.60 recourses ... >This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ...
    (Pen-Test)
  • Re: Config cisco switches against arpspoofing
    ... switch won't let traffic through unless source MAC address is the one it ... At the interface config option issue "port secure" command, ... > This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ...
    (Pen-Test)