If you could somehow get it attached to the network (e.g. use nc to connect
the serial port to a listening "socket") you could then try something like
brutus (http://www.hoobie.net/brutus/) and a word list, i think LC3
(http://www.atstake.com) had a nice one. I had to do something similar once,
and i used a linux console server program to allow me to "telnet" to the
serial port, you might even be able to fudge something together with a copy
of minicom if you have a linux box to hand - then just point brutus at it.
----- Original Message -----
From: <CMichal_at_oracular.com>
To: <pen-test_at_securityfocus.com>
Sent: Monday, May 13, 2002 7:24 PM
Subject: Serial Connection Password Cracker.
> I'm looking for a program that can do a dictionary based attack on a
> device that is connected to a laptop via com port, serial port.
> Its a piece of hardware that has no lockout after successive bad
> passwords and there is no delay between try's.
> If there isn't a cracking program out there with this capability I guess
> I will have to write some software that will do it.
>
> Its a Panasonic KX-TVS75 phone system to be exact, I have the piece of
> hardware in my possession but I forgot the console password.
>
> -C
>
>
> --------------------------------------------------------------------------
--
> This list is provided by the SecurityFocus Security Intelligence Alert
(SIA)
> Service. For more information on SecurityFocus' SIA service which
> automatically alerts you to the latest security vulnerabilities please
see:
> https://alerts.securityfocus.com/
>
>
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
Received on May 14 2002
Intro
