Printable View
nebulus200: Thats what I suggested. However, his access to the hashes are from the source code made available by linksys under GPL. If he modded the password file, compiled the source and uploaded the modded firmware, then he'll have access. AFAIK, he doesn't have access to the /etc/shadow file on the live system. Only source. See my post above for links to source.
Ahhh, missed that, my attention span is very short atm...nasty little 'variations' of zotob floating around...fun fun fun...
Saw one of these on our network: http://www.f-secure.com/v-descs/ircbot_es.shtml
Still waiting to get my hands on that system so I can look at it a little harder...
I was looking at that linksysinfo page, for one it appears you need to compile the source on a redhat 7 box....i will give the cracker a little time until i find some spare piece of junk to compile it on. I am also afraid if the hacked source screws up or something, my work will be out a $200 camera.
Given it alot of time...still nothing yet:
guesses: 0 time: 9:20:59:44 (3) c/s: 13574 trying: WbbylY
guesses: 0 time: 11:22:56:05 (3) c/s: 14493 trying: p0igwnG
Looks like I got about 2 days on ya nebulus if you wanna call it quits....This machine hasnt been rebooted in about 2 months, and that was for hardware reasons. I will let it keep chuggin.
Yeah, I forgot originally to do it in session based and wound up having to turn it off because a case fan died...when my CPU got up to 110...I pulled the plug :) Anyway, I think I will let it keep going, its a pretty damn fast computer and I have been letting it run over night with max CPU priority (kinda cool watching my screensaver take a full 60 s to render :) )Quote:
Originally posted here by kr5kernel
guesses: 0 time: 11:22:56:05 (3) c/s: 14493 trying: p0igwnG
Looks like I got about 2 days on ya nebulus if you wanna call it quits....This machine hasnt been rebooted in about 2 months, and that was for hardware reasons. I will let it keep chuggin.