Monday, November 15, 2010

VXworks - Open can of worms...

I am not sure why I forgot to publish a comments about this before. Probably because I was busy with other things at the time. Anyways, as a lot of you guys already might know, HD Moore gave a presentation on Defcon about VXworks operating system and some security vulnerabilities that he identified during his investigation over a number of devices that use this operating system. A lot of the details have already been published by HD in the metasploit blog. However, I would like to add, people if you have not tested or use these modules on your pentests I will just say: DO IT!!

I remember one of the things that HD Moore mentioned starting his presentation at Defcon was: "Have you ever seen some high weired ports on your pentests and just because you did not know what the service was about you will move to the next service, well.."... I mean it was something like that. Well I remember having at least two pentests where I saw some of these VXworks ports and did not pay a lot of attention after playing with them a little bit. Shame on me... the UDP port 17185 does not ring a bell but after you read the info in the metasploit blog it will.

Well, I just wanted to throw this out there and since all the info is already posted out I will not waste your time anymore.

Happy hacking.

c4an.

SAP application server default passwords

This is something that I want to share here just because sometimes I forget the links that I see out there. So just for the sake of it this a link to another page where I found the following info:



SAP*:06071992 clients: 000 001 066 and custom
DDIC:19920706 clients: 000 001 066 and custom
SAPCPIC:admin clients: 000 001
EARLYWATCH:support clients: 000 001 066
TMSADM:password clients: 000 001