Penetration Testing mailing list archives
WarDialing: can't identify the system (binary signature)
From: Zgrp unknow <zgrp_zgrp () yahoo com br>
Date: Thu, 22 May 2008 12:38:08 -0300 (ART)
Hi pentesters I'm conducting a WarDialing assesment and I found some numbers from my range that "are connectable"... they are not unix-like systems (at last I *think*), the output produced by them is not human readable (like binary protocols). If I connect to some of them via Windows Hyperterminal I get strange texts like: "~?~?~?~?~?~?~?~?~?" "C??N??E??T??3??0??N??E??" Or other unreadable things like the above. Some detailed information from the WarDailing is below: - SENT ATDT NUMBER01<CR> - RECEIVED <CR><NL> 0d 0a - RECEIVED CONNECT 300 NoEC<CR><NL>43 4f 4e 4e45 43 54 20 33 30 30 20 4e 6f 45 43 0d 0a - RECEIVED ~?~?~?~?~?~?~?~?~?<?><NUL><BS><STX><SOH>@<DLE><BS><EOT><STX><SOH>@<DLE><BS><EOT><STX><SOH>@%<?>~?<?><EOT><DLE><?><?>D<?><?>~? 7e 3f 7e 3f 7e 3f 7e 3f 7e 3f 7e 3f 7e 3f 7e 3f 7e 3f df 00 08 02 01 40 20 10 08 04 02 01 40 20 10 08 04 02 01 40 25 f6 7e 3f df 04 10 e0 d7 44 d5 f9 7e 3f - RECEIVED <CR><NL> 0d 0a - RECEIVED NO CARRIER<CR><NL> 4e 4f 20 4341 52 52 49 45 52 0d 0a - SENT ATDT NUMBER02<CR> - RECEIVED <CR><NL> 0d 0a - RECEIVED CONNECT 300 NoEC<CR><NL> 434f 4e 4e 45 43 54 20 33 30 30 20 4e 6f 45 43 0d 0a - RECEIVED ~?~?~?~?~?~?~?~? 7e 3f 7e 3f7e 3f 7e 3f 7e 3f 7e 3f 7e 3f 7e 3f - RECEIVED ~?~?~?~?~?~?~?~?~<US><NUL><?>@<DLE><BS><EOT><STX><SOH>@ <DLE><BS><EOT><STX><SOH>@<?><?><?><?><EOT><DLE><?><?>D<?><?><?> 7e 3f 7e3f 7e 3f 7e 3f 7e 3f 7e 3f 7e 3f 7e 3f 7e 1f 00 81 40 20 10 08 04 02 01 40 20 10 08 04 02 01 40 20 90 c9 f6 df 04 10 e0 d7 44 d5 f9 fe - RECEIVED <CR><NL> 0d 0a - RECEIVED NO CARRIER<CR><NL> 4e 4f 20 4341 52 52 49 45 52 0d 0a Do you know what application it can be? Are there any big and constantly updated list on the internet about WarDailing signatures that I could use to identify them? Any tips, ideas, are welcome. cheers Abra sua conta no Yahoo! Mail, o único sem limite de espaço para armazenamento! http://br.mail.yahoo.com/ ------------------------------------------------------------------------ This list is sponsored by: Cenzic Top 5 Common Mistakes in Securing Web Applications Find out now! Get Webinar Recording and PPT Slides www.cenzic.com/landing/securityfocus/hackinar ------------------------------------------------------------------------
Current thread:
- WarDialing: can't identify the system (binary signature) Zgrp unknow (May 22)
- Re: WarDialing: can't identify the system (binary signature) Marco Ivaldi (May 23)