Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: Pentesting a Web Applicaton
From: "Hylton Conacher (ZR1HPC)" <hylton () conacher co za>
Date: Mon, 04 Jun 2007 12:19:03 +0200

Stong, Ian C CTR DISA GIG-CS wrote:
Just for clarification - I have backups of the configs and could reset
the device and reload the config but as soon as you do that it also
restores the password. In addition you can't change the password without
knowing the old password.
I would suggest looking at the backup files, after making a copy of
them, and seeing if you can obtain a clear text password or even
password hash.
With the password hash I am almost sure you could run it through a set
of rainbow tables and also through another method to obtain the real
password, which in this case should be both the same obtained from the
rainbow tables and other app.

Take an evening, reset the device, try the cracked password. If it works
you have lost nothing and can reset the password. If it doesn't work you
have also lost nothing but you have gained the knowledge that the
cracked password is one that doesn't work.

Another thing to try is accessing the device from the cmd line via the
IP I am sure you have. Try and see if there is anything in the cmd line
help regarding lost passwords ie C;\> 'commandtoconnecttodevice -h'
sans quotes. Try the 1st cracked password too as maybe the web interface
has a different passwd.


And it's not actually the model listed and it's not a work device.
Didn't want to give away the actual model number, IP address and code
version, etc in case someone got bored and tried to hack away at it
externally :)
Now who would do something like that? :)

Let us know the outcome.
Hylton

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault