| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 06 Oct 2005 01:52:27 +0100
From: lms@...up.pt
To: bugtraq@...urityfocus.com
Cc: tito@...up.pt
Subject: Planet Technology Corp FGSW2402RS switch default password /
"backdoor"
Hello all,
Today i discovered a pseudo backdoor [thru a default password] while trying to
reset the password on a Planet Technology Corp FGSW2402RS switch.
Allthough i dont consider this to be a real problem since the only access seems
to be thru the serial port, i would like to share this with the community since
it isnt documented *anywhere* and Planet Technology Corp doesnt even reply to
emails asking for support on their products.
So...we start with a common ASCII analisys of the firmware [revision 1.2]:
root@...nardo-root ~/planet# strings FGSW-2402RS_ISP_1.2.txt
...
admin
[^_^]
ISPMODE
...
root@...nardo-root ~/planet#
Admin is the obvious login and ISPMODE is the password used for uploading a new
firmware to the equipment.
If we connect to the equipment and send admin as the login and "[^_^]" as the
password we get the same login prompt again (as if the password had failed) and
the password has now been reset to "".
Best regards,
+-------------------------
| Luís Miguel Silva
| Security Consultant
| Centro de Informática Correia Araújo
| Faculdade de Engenharia da
| Universidade do Porto
Content of type "application/pgp-keys" skipped
Powered by blists - more mailing lists