UGN Security
Posted By: chuckyb555 system type - 09/29/03 03:23 AM
Ok, I have connected to a computer and i have been prompted by the logon screen, which says

--- Connected to Site: 2211311401 ---

--- Sentinel 2000S - User Authentication ---
Please Enter User ID ->

-----Can this prompt give me any information about the system i am about to hack, nd can I find out more about the system (OS, etc.)? Any help would be appreciated
Posted By: pergesu Re: system type - 09/29/03 03:56 AM
http://www.bomara.com/Ion-Networks/solutions/appnotes/Datasheets/sentinel_2000s.htm

Check that out
Posted By: chuckyb555 Re: system type - 09/29/03 04:07 AM
yeah i've already checked that out.... it didn't really provide much useful info.....
Posted By: sinetific Re: system type - 09/29/03 07:55 AM
It probably just runs some router firmware that you remotely manage. I believe it's called PRIISMS.
Posted By: chuckyb555 Re: system type - 09/29/03 08:21 AM
so how in the world am i supposed to get a user name and/or password???
Posted By: Infinite Re: system type - 09/29/03 09:08 AM
A-HA!

You're finally starting to get it.

How are you supposed to find the user/pass combination? Well son, that is exactly what cracking is all about (and yes, you are trying to crack, NOT hack).

There is no one way to do this, and it is something that you have to figure out for yourself. You've gotten this far, just keep going.

Infinite
Posted By: Ghost Re: system type - 09/29/03 10:43 AM
Brute forceing passwords takes too long. I hate sitting there guessing over and over again until the computer on the other end dissconnects you and you re connect to repeat the whole process.
Posted By: Ntd Re: system type - 09/29/03 01:20 PM
Well you can do research on the software to find out what OS and stuff it is compatible with and you might find that it has some vulnerabilities.
Posted By: jonconley Re: system type - 09/29/03 11:12 PM
As stated before, check the website for support issues regarding holes, patches, and default passwords/settings.
Posted By: sinetific Re: system type - 09/30/03 03:37 AM
http://www.hedge-hog.com/bbs/bigtechmessages/948.html

Your not going to get into this machine. The company that makes them ION is completely security focused. The machine has one open port and only runs on service, remote login. The only way to get the user/pass would be a brute force attempt that would be quickly detected(unless you did it really sneaky through proxies n such and did it slower than [censored]). There are no vulnerability/exploit/holes or anything like that listed for the system. You could try the defualt user/pass combos but I dont think that someone that spent the money/time to get one of these systems would be stupid enough to use defualts since its obviously a system for some one with security as a high priority.
Posted By: jonconley Re: system type - 10/01/03 01:05 AM
Cute. Interesting find though Chucky. If a company paid to have this type of technology in place, I sincerely hope you covered your tracks well.
© UGN Security Forum