Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Penetration Testing: RE: Serial Connection Password Cracker.

RE: Serial Connection Password Cracker.

From: Greg <greg_at_hoobie.net>
Date: Tue, 14 May 2002 20:18:34 +0100

Software such as the following will let you to TCP 'connections' to a serial
port.

http://www.tglmicro.com/Inet2Com.htm

This is a tcp socket server that redirects all I/O to a serial port. It's
commerical, however there is a 30-day eval.

> -----Original Message-----
> From: Lists [mailto:fw1-list_at_ip9.co.uk]
> Sent: 13 May 2002 22:56
> To: pen-test_at_securityfocus.com; CMichal_at_oracular.com
> Subject: Re: Serial Connection Password Cracker.
>
>
> If you could somehow get it attached to the network (e.g. use nc
> to connect
> the serial port to a listening "socket") you could then try something like
> brutus (http://www.hoobie.net/brutus/) and a word list, i think LC3
> (http://www.atstake.com) had a nice one. I had to do something
> similar once,
> and i used a linux console server program to allow me to "telnet" to the
> serial port, you might even be able to fudge something together
> with a copy
> of minicom if you have a linux box to hand - then just point brutus at it.
>
>
> ----- Original Message -----
> From: <CMichal_at_oracular.com>
> To: <pen-test_at_securityfocus.com>
> Sent: Monday, May 13, 2002 7:24 PM
> Subject: Serial Connection Password Cracker.
>
>
> > I'm looking for a program that can do a dictionary based attack on a
> > device that is connected to a laptop via com port, serial port.
> > Its a piece of hardware that has no lockout after successive bad
> > passwords and there is no delay between try's.
> > If there isn't a cracking program out there with this capability I guess
> > I will have to write some software that will do it.
> >
> > Its a Panasonic KX-TVS75 phone system to be exact, I have the piece of
> > hardware in my possession but I forgot the console password.
> >
> > -C
> >
> >
> >
> --------------------------------------------------------------------------
> --
> > This list is provided by the SecurityFocus Security Intelligence Alert
> (SIA)
> > Service. For more information on SecurityFocus' SIA service which
> > automatically alerts you to the latest security vulnerabilities please
> see:
> > https://alerts.securityfocus.com/
> >
> >
>
>
> ------------------------------------------------------------------
> ----------
> This list is provided by the SecurityFocus Security Intelligence
> Alert (SIA)
> Service. For more information on SecurityFocus' SIA service which
> automatically alerts you to the latest security vulnerabilities
> please see:
> https://alerts.securityfocus.com/
>

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
Received on May 15 2002

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]