Penetration Testing mailing list archives
Pentesting a HP-UX with SMSC
From: "J. K." <pentest_ml () yahoo com>
Date: Wed, 8 Jun 2005 07:05:00 -0700 (PDT)
Hello fellow pen-testers,
in my current engagement I bumped into a HP-UX
(B.11.11) server protected by a firewall (not an
internet facing firewall, tho).
The only open ports I can connect to are telnet and
9971.
Connecting to 9971 I get the following:
# telnet x.x.x.x 9971
Trying x.x.x.x...
Connected to x.x.x.x.
Escape character is '^]'.
CIMD2-A ConnectionInfo: SessionId = 32551 PortId = 4
Time = 050608153449 AccessType = TCPIP_SOCKET PIN =
630777
Googling around, I found that this daemon should be a
SMSC (Short Message Service Center). I also found that
on HP-UX there are a few SMSC apps available (Locus,
FEELingK,...)
My questions are:
1. Do you know of any vulnerability or attack avenue
on this protocol/service ?
2. Do you know if these SMSC apps install some default
user whose password I can try to guess ?
3. Any other idea ?
Of course I could just fire off Hydra against the
telnet server, but I would like to find something less
noisy ;)
Thanks
j.k.
__________________________________
Discover Yahoo!
Have fun online with music videos, cool games, IM and more. Check it out!
http://discover.yahoo.com/online.html
Current thread:
- Pentesting a HP-UX with SMSC J. K. (Jun 08)
- <Possible follow-ups>
- RE: Pentesting a HP-UX with SMSC Sebastian Muñiz (Jun 10)
- RE: Pentesting a HP-UX with SMSC J. K. (Jun 12)
- RE: Pentesting a HP-UX with SMSC Sebastian Muñiz (Jun 12)
- Pentesting a SONUS / SIP Network Luis H. Gomez-Danes Mejia (Jun 12)
- Re: Pentesting a SONUS / SIP Network Mihai Amarandei (Jun 13)
- Pentesting a SONUS / SIP Network Luis H. Gomez-Danes Mejia (Jun 12)