Re: Visonic Plugin Actie
Posted: Fri Jul 29, 2011 9:39 am
Taken from http://voksenlia.net/powerlink/:
"The root password
There are two ways of logging into Powerlink. Either by ftp, which will take you straight to the root filesystem, or by telnetting to port 7523 for a regular Unix login session. The root password depends on the software version. For version 2.1.1 the password is vispl211. For version 3.1.* (only verified for 3.1.7) the password is vispl31x. An alternative way that works for several versions is to log in as "root2" using the password visonic.
The passwords were no big secret, really. It turns out that the way cameras communicate with Powerlink is to upload pictures through ftp using the root acount. Ftp is totally unencrypted, so the password can easily be found by sniffing packets on the lan using a program like wireshark. /etc/password revealed the root2 user and the password was very weak and trivial to obtain. If none of the mentioned passwords work, I suggest to use the network sniffing method to find it. Having Powerlink and your PC on an old network hub will do the trick. Or try to guess the password. There seems to be a pattern..."
Het lijkt er dus op dat het niet zo moeilijk moet zijn om het passwoord te achterhalen voor de camera's.
"The root password
There are two ways of logging into Powerlink. Either by ftp, which will take you straight to the root filesystem, or by telnetting to port 7523 for a regular Unix login session. The root password depends on the software version. For version 2.1.1 the password is vispl211. For version 3.1.* (only verified for 3.1.7) the password is vispl31x. An alternative way that works for several versions is to log in as "root2" using the password visonic.
The passwords were no big secret, really. It turns out that the way cameras communicate with Powerlink is to upload pictures through ftp using the root acount. Ftp is totally unencrypted, so the password can easily be found by sniffing packets on the lan using a program like wireshark. /etc/password revealed the root2 user and the password was very weak and trivial to obtain. If none of the mentioned passwords work, I suggest to use the network sniffing method to find it. Having Powerlink and your PC on an old network hub will do the trick. Or try to guess the password. There seems to be a pattern..."
Het lijkt er dus op dat het niet zo moeilijk moet zijn om het passwoord te achterhalen voor de camera's.
