Looks like a Borderware firewall

From: The Blueberry (acr872k@hotmail.com)
Date: Thu Aug 22 2002 - 14:52:35 EDT


>>
>>
>>But as we are on the subject, does anyone knows what is used as
>>credentials for the Checkpoint? Are there default passwords? I did not
>>found them in my default password lists...
>>
>Not that I know of. Which Checkpoint? You didn't talk of any.
>

LOL! Looks like I was *a bit* tired at that point.. anyway.. I tried the
BWClient utility and realized that it sent POSTs requests while
communicating with the firewall.. I think I will brute force the password
but for this I must reproduce the behavior of BWClient. I know that he sends
out the password ("password" in this case, but for the same password it
changes each time) in this format:

QOs_9OGelB05RYaW8fo70TsO7ZH5r5uHZuKdAml3BlLU1ps4Cp0g6SFV.pGLVqEN

Anyone recognizes the hashing algorithm used? I searched the borderware site
to no avail.. They only say that the entire session can be encrypted through
ssl on port 442.. Even BWClient.exe's disassembly gave no (apparent) clues.

--TB

_________________________________________________________________
Chat with friends online, try MSN Messenger: http://messenger.msn.com

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:24 EDT