RE: RE: Pentesting a Web Application

From: Alex Balayan (abalayan@b-sec.com)
Date: Mon Jun 11 2007 - 00:51:18 EDT


Hi All,

I started to follow this thread because I thought it was actually about pen testing a "web application", not an embedded device...

I have found on some router devices that you can download the config files if you force browse to the full path of the config file. But I'm starting to see less of this because vendors are starting to secure the devices.

E.g. http://path/to/config

My 2 cents worth....

Regards,

Alex Balayan - CE|H EnCE CEPT CCNA
Senior Security Consultant
Application Specialist
Disclaimer:  www.b-sec.com.au/disclaimer.txt

-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com] On Behalf Of sherwyn.williams@gmail.com
Sent: Saturday, 2 June 2007 6:43 AM
To: Jamie Riden; listbounce@securityfocus.com; Stong, Ian C CTR DISA GIG-CS
Cc: pen-test@securityfocus.com
Subject: Re: RE: Pentesting a Web Application

Agreed, trying to get the password from the config is a good way to go.
Maybe check on the vendor website or forum related to the product.
Sherwyn Williams
Technical Support
The Williams Solutions

-----Original Message-----
From: "Jamie Riden" <jamie.riden@gmail.com>
Date: Fri, 1 Jun 2007 20:38:57
To: "Stong, Ian C CTR DISA GIG-CS" <Ian.Stong.ctr@disa.mil>
Cc: pen-test@securityfocus.com
Subject: Re: RE: Pentesting a Web Application

In that case the easiest attack might be against the config file. (Eek
- my Netgear router stores the password in clear in its backup file!)

cheers,
 Jamie

On 01/06/07, Stong, Ian C CTR DISA GIG-CS <Ian.Stong.ctr@disa.mil> wrote:
> Just for clarification - I have backups of the configs and could reset
> the device and reload the config but as soon as you do that it also
> restores the password. In addition you can't change the password without
> knowing the old password.

-- 
Jamie Riden, CISSP / jamesr@europe.com / jamie@honeynet.org.uk
UK Honeynet Project: http://www.ukhoneynet.org/
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!
http://www.cenzic.com/c/2020
------------------------------------------------------------------------


This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:52 EDT