I stumbled across this board while doing some research on attempting to hack the Powerlink2 module. I wanted to submit some bits of info that I have found while probing the module. Has anyone else had any luck trying to get into the Powerlink2?
Possibly this board: http://foxlx.acmesystems.it/
It seems that root, admin and visonic are valid users (via telnet) but haven't tried enough passwords yet.
nmap results:
PORT STATE SERVICE
22/tcp open ssh
23/tcp open telnet
80/tcp open http
443/tcp open https
2530/tcp open unknown
2531/tcp open unknown
2812/tcp open unknown
6310/tcp open unknown
7520/tcp open unknown
8082/tcp open blackice-alerts
8083/tcp open unknown
8084/tcp open unknown
Device type: specialized
Code: Select all
Running: Linux 2.6.X
OS details: Linux 2.6.12 on FOX embedded development board
OS Fingerprint:
OS:SCAN(V=4.20%D=9/19%OT=22%CT=1%CU=37235%PV=Y%DS=1%G=Y%M=00126C%TM=4E77C1F
OS:4%P=i686-redhat-linux-gnu)SEQ(SP=CF%GCD=1%ISR=D3%TI=Z%II=I%TS=7)OPS(O1=M
OS:5B4ST11NW1%O2=M5B4ST11NW1%O3=M5B4NNT11NW1%O4=M5B4ST11NW1%O5=M5B4ST11NW1%
OS:O6=M5B4ST11)WIN(W1=16A0%W2=16A0%W3=16A0%W4=16A0%W5=16A0%W6=16A0)ECN(R=Y%
OS:DF=Y%T=40%W=16D0%O=M5B4NNSNW1%CC=N%Q=)T1(R=Y%DF=Y%T=40%S=O%A=S+%F=AS%RD=
OS:0%Q=)T2(R=N)T3(R=Y%DF=Y%T=40%W=16A0%S=O%A=S+%F=AS%O=M5B4ST11NW1%RD=0%Q=)
OS:T4(R=Y%DF=Y%T=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)T5(R=Y%DF=Y%T=40%W=0%S=Z%A=S
OS:+%F=AR%O=%RD=0%Q=)T6(R=Y%DF=Y%T=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)T7(R=Y%DF=
OS:Y%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)U1(R=Y%DF=N%T=40%TOS=C0%IPL=164%UN=0
OS:%RIPL=G%RID=G%RIPCK=G%RUCK=G%RUL=G%RUD=G)IE(R=Y%DFI=N%T=40%TOSI=S%CD=S%S
OS:I=S%DLI=S)
Code: Select all
22/tcp open ssh Dropbear sshd 0.52 (protocol 2.0)
23/tcp open skype Skype VoIP data channel
80/tcp open http Apache httpd 1.3.31 ((Unix) PHP/4.3.9 mod_ssl/2.8.20 OpenSSL/0.9.7e)
443/tcp open http Apache httpd 1.3.31 ((Unix) PHP/4.3.9 mod_ssl/2.8.20 OpenSSL/0.9.7e)
2530/tcp open http Apache httpd 1.3.31 ((Unix) PHP/4.3.9 mod_ssl/2.8.20 OpenSSL/0.9.7e)
2531/tcp open http Apache httpd 1.3.31 ((Unix) PHP/4.3.9 mod_ssl/2.8.20 OpenSSL/0.9.7e)
2812/tcp open http monit httpd 5.1.1
6310/tcp open unknown
7520/tcp open http Apache httpd 1.3.31 ((Unix) PHP/4.3.9 mod_ssl/2.8.20 OpenSSL/0.9.7e)
8082/tcp open blackice-alerts?
8083/tcp open unknown
8084/tcp open unknown
3 services unrecognized despite returning data. If you know the service/version, please submit the following fingerprints at h
ttp://www.insecure.org/cgi-bin/servicefp-submit.cgi :
==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
SF-Port8082-TCP:V=4.20%I=7%D=9/19%Time=4E77C256%P=i686-redhat-linux-gnu%r(
SF:GetRequest,215,"HTTP/1\.1\x20404\x20Not\x20Found\r\nContent-type:\x20te
SF:xt/html\r\nConnection:\x20close\r\nDate:\x20Wed,\x2026\x20Jan\x202000\x
SF:2009:50:43\x20UTC\r\nServer:\x20Xmlrpc-c_Abyss/1\.21\.0\r\n\r\n<HTML><H
SF:EAD><TITLE>Error\x20404</TITLE></HEAD><BODY><H1>Error\x20404</H1><P>Thi
SF:s\x20XML-RPC\x20For\x20C/C\+\+\x20Abyss\x20XML-RPC\x20server\x20respond
SF:s\x20to\x20only\x20one\x20URI\x20path\.\x20\x20I\x20don't\x20know\x20wh
SF:at\x20URI\x20path\x20that\x20is,\x20but\x20it's\x20not\x20the\x20one\x2
SF:0you\x20requested:\x20'/'\.\x20\x20\(Typically,\x20it's\x20'/RPC2'\)</P
SF:><p><HR><b><i><a\x20href=\"http://xmlrpc-c\.sourceforge\.net\">ABYSS\x2
SF:0Web\x20Server\x20for\x20XML-RPC\x20For\x20C/C\+\+</a></i></b>\x20versi
SF:on\x201\.21\.0<br></p></BODY></HTML>")%r(FourOhFourRequest,230,"HTTP/1\
SF:.1\x20404\x20Not\x20Found\r\nContent-type:\x20text/html\r\nConnection:\
SF:x20close\r\nDate:\x20Wed,\x2026\x20Jan\x202000\x2009:50:43\x20UTC\r\nSe
SF:rver:\x20Xmlrpc-c_Abyss/1\.21\.0\r\n\r\n<HTML><HEAD><TITLE>Error\x20404
SF:</TITLE></HEAD><BODY><H1>Error\x20404</H1><P>This\x20XML-RPC\x20For\x20
SF:C/C\+\+\x20Abyss\x20XML-RPC\x20server\x20responds\x20to\x20only\x20one\
SF:x20URI\x20path\.\x20\x20I\x20don't\x20know\x20what\x20URI\x20path\x20th
SF:at\x20is,\x20but\x20it's\x20not\x20the\x20one\x20you\x20requested:\x20'
SF:/nice\x20ports,/Trinity\.txt\.bak'\.\x20\x20\(Typically,\x20it's\x20'/R
SF:PC2'\)</P><p><HR><b><i><a\x20href=\"http://xmlrpc-c\.sourceforge\.net\"
SF:>ABYSS\x20Web\x20Server\x20for\x20XML-RPC\x20For\x20C/C\+\+</a></i></b>
SF:\x20version\x201\.21\.0<br></p></BODY></HTML>")%r(HTTPOptions,215,"HTTP
SF:/1\.1\x20404\x20Not\x20Found\r\nContent-type:\x20text/html\r\nConnectio
SF:n:\x20close\r\nDate:\x20Wed,\x2026\x20Jan\x202000\x2009:50:48\x20UTC\r\
SF:nServer:\x20Xmlrpc-c_Abyss/1\.21\.0\r\n\r\n<HTML><HEAD><TITLE>Error\x20
SF:404</TITLE></HEAD><BODY><H1>Error\x20404</H1><P>This\x20XML-RPC\x20For\
SF:x20C/C\+\+\x20Abyss\x20XML-RPC\x20server\x20responds\x20to\x20only\x20o
SF:ne\x20URI\x20path\.\x20\x20I\x20don't\x20know\x20what\x20URI\x20path\x2
SF:0that\x20is,\x20but\x20it's\x20not\x20the\x20one\x20you\x20requested:\x
SF:20'/'\.\x20\x20\(Typically,\x20it's\x20'/RPC2'\)</P><p><HR><b><i><a\x20
SF:href=\"http://xmlrpc-c\.sourceforge\.net\">ABYSS\x20Web\x20Server\x20fo
SF:r\x20XML-RPC\x20For\x20C/C\+\+</a></i></b>\x20version\x201\.21\.0<br></
SF:p></BODY></HTML>");