Chip 2007 January, February, March & April

home *** CD-ROM | disk | FTP | other *** search

/ Chip 2007 January, February, March & April / Chip-Cover-CD-2007-02.iso / Pakiet bezpieczenstwa / mini Pentoo LiveCD 2006.1 / mpentoo-2006.1.iso / modules / nessus-2.2.8.mo / usr / lib / nessus / plugins / avaya_switches.nasl < prev next >

Wrap

Text File | 2005-03-31 | 2KB | 77 lines

# # This script was written by Charles Thier <cthier@thethiers.net> # # GPLv2 # if(description) { script_id(17638); script_version("$Revision: 1.1 $"); script_cve_id("CAN-1999-0508"); name["english"] = "Avaya P330 Stackable Switch found with default password"; script_name(english:name["english"]); desc["english"] = " The remote host appears to be an Avaya P330 Stackable Switch with its default password set. The attacker could use this default password to gain remote access to your switch. This password could also be potentially used to gain other sensitive information about your network from the switch. Solution : Telnet to this switch and change the default password. Risk factor : High"; script_description(english:desc["english"]); summary["english"] = "Logs into Avaya switches with default password"; script_summary(english:summary["english"]); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2005 Charles Thier"); script_family(english:"Misc."); script_require_ports(23); exit(0); } # # The script code starts here # include("telnet_func.inc"); usrname = string("root\r\n"); password = string("root\r\n"); port = 23; if(get_port_state(port)) { tnb = get_telnet_banner(port); if ( ! tnb ) exit(0); if ("Welcome to P330" >< tnb) { soc = open_sock_tcp(port); if(soc) { answer = recv(socket:soc, length:4096); if("ogin:" >< answer) { send(socket:soc, data:usrname); answer = recv(socket:soc, length:4096); send(socket:soc, data:password); answer = recv(socket:soc, length:4096); if("Password accepted" >< answer) { security_hole(port:23); } } close(soc); } } }