Penetration Testing mailing list archives

RE: Linksys Pen Test

From: "Mark Curphey" <mark () curphey com>
Date: Tue, 19 Jun 2001 18:45:19 -0700

Out if the box they have a web interface enabled on 192.168.1.1 (obviously
limited use from the net) to allow remote administration. It uses basic HTTP
authentication with a default username and password that is in the user
manual (page 17). Leave the username blank and admin for the password. If
that's been changed but the web admin interface is still open, a simple perl
script using libwww, elza or even www.hoobie.net might be useful to brute
force if they have changed the pw.

-----Original Message-----
From: IUSR_MAIL [mailto:iusr () usa net]
Sent: Tuesday, June 19, 2001 11:14 AM
To: PEN-TEST () SECURITYFOCUS COM
Subject: Linksys Pen Test


Wonderin if someone could help by giving me some tips on Pen Testing a
Linksys
box.  Unfortunately, I have not had the pleasure of working with one and I
am
unfamiliar with the config, vulnerabilities, etc.  Any info on things I
should
look for, tools to use, or helpful links would be greatly appreciated!

Thanks in advance {t?t}!!



____________________________________________________________________
Get free email and a permanent address at http://www.netaddress.com/?N=1

Current thread:

Linksys Pen Test IUSR_MAIL (Jun 19)
- RE: Linksys Pen Test Mark Curphey (Jun 19)
- <Possible follow-ups>
- RE: Linksys Pen Test NetW3.COM Consulting (Jun 20)
  - Re: Linksys Pen Test Nexus (Jun 21)
    - Re: Linksys Pen Test Dragos Ruiu (Jun 21)
- RE: Linksys Pen Test auto241065 (Jun 21)
- RE: Linksys Pen Test Bridis, Ted (Jun 21)
  - Re: Linksys Pen Test Nexus (Jun 22)