Home page logo
/

pen-test logo Penetration Testing mailing list archives

RE: Pentesting Telephone-Systems
From: "Beauford, Jason" <jbeauford () EightInOnePet com>
Date: Tue, 6 Sep 2005 15:05:16 -0400

I know that a lot of Voice Mail systems come with default passwords that
are remote enabled by default.  There are some VM products which use the
word "SYSTEM" as the default password.  You can actually dial up the
number, get the voice prompt, type in the numeric equivilent to "SYSTEM"
(=7977836) and have full access to configuration options.

As some SMB's (Small-Medium Business)  don't have an adequate IT Staff
or Telephony staff, often this goes overlooked.  This can allow for
making outbound phone calls from a remote location.  For instance if
your phone bill suddenly starts showing calls made to Lebanon or Turkey,
you'll know you have a problem.  

This is actually how a lot of Phone system hacks are done - use of
default passwords.  I wonder if anyone has a compilation of SYSTEM -
DEFAULT PASSWORD combinations.  That would be a nifty little list.

Here's one to get you started:  LINGO Voicemail uses the above mentioned
"SYSTEM" password.  As for products from the same manufacturer like
Repartee and Audix, I would GUESS they use the same as well.  I'm sure
they even provide documentation on their website for the initial
configs. www.activevoice.com

-jmb

     =|   -----Original Message-----
     =|   From: sebastian.michel () ctl-loeper de 
     =|   [mailto:sebastian.michel () ctl-loeper de] 
     =|   Sent: Tuesday, September 06, 2005 3:52 AM
     =|   To: pen-test () securityfocus com
     =|   Subject: Pentesting Telephone-Systems
     =|   
     =|   Hi,
     =|   
     =|   I spended much time to get technical informations 
     =|   about pentesting telephone systems, but with no success. 
     =|   
     =|   Where are security-flaws, what methods are know to 
     =|   work, which tools are already available and so on.
     =|   Did someone have informations about this or can tell 
     =|   me something?
     =|   
     =|   I heard that manufacturer are obligated to build in a 
     =|   backdoor for secret services in their products. Is this right?
     =|   
     =|   
     =|   thanks,
     =|   
     =|   
     =|   S.Michel
     =|   
     =|   ------------------------------------------------------
------------------------
     =|   Audit your website security with Acunetix Web 
     =|   Vulnerability Scanner: 
     =|   
     =|   Hackers are concentrating their efforts on attacking 
     =|   applications on your website. Up to 75% of cyber 
     =|   attacks are launched on shopping carts, forms, login 
     =|   pages, dynamic content etc. Firewalls, SSL and 
     =|   locked-down servers are futile against web 
     =|   application hacking. Check your website for 
     =|   vulnerabilities to SQL injection, Cross site 
     =|   scripting and other web attacks before hackers do! 
     =|   Download Trial at:
     =|   
     =|   http://www.securityfocus.com/sponsor/pen-test_050831
     =|   ------------------------------------------------------
-------------------------
     =|   
     =|   

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault