Author Topic: Unsecured Packet8 Devices  (Read 2725 times)

Offline Godot

  • Go away, PLA!
  • PLA Corporate Drone
  • *****
  • Posts: 427
  • 1337 13V3L: +34/-7
    • Godot's Website
Unsecured Packet8 Devices
« on: March 18, 2007, 01:27:13 PM »
I was scanning for computers with port 80 open, and I found a couple completely unsecured Packet8 boxes. The most practical and fun feature I found to play with is the call log. It tells me who they called or were called by, and when. I could also change the box's network settings, set a password, or log packets (possibly used to moniter calls?). Any ideas on what I should do with these?
"I bought a cactus and it died a week later... I was really depressed, I thought, 'Damn, I am less nurturing than a desert.'" -Demetri Martin

Offline Godot

  • Go away, PLA!
  • PLA Corporate Drone
  • *****
  • Posts: 427
  • 1337 13V3L: +34/-7
    • Godot's Website
Re: Unsecured Packet8 Devices
« Reply #1 on: March 19, 2007, 01:40:41 PM »
I just found an unsecured Linksys PAP2! It is connected to two phone lines, and I can forward all incoming calls on those lines to any phone number. It works. When I call the phone number on the status page after setting up call forwarding, it sends the call through to the forward number.
"I bought a cactus and it died a week later... I was really depressed, I thought, 'Damn, I am less nurturing than a desert.'" -Demetri Martin

Offline mr_doc

  • Supergluer of coins
  • PLA Junkie
  • *****
  • Posts: 801
  • 1337 13V3L: +71/-24
    • PLA LotGD
Re: Unsecured Packet8 Devices
« Reply #2 on: March 19, 2007, 04:12:30 PM »
I was scanning for computers with port 80 open...

You mean scanning for routers that are remote config enabled; otherwise if port 80 is open it's probably a webserver.

If this is a business forward the calls to RBCP or Murdoc so we can get some new 'takeover' calls
PLAlotgd  -If you play, I will hate you a little less.
Unnamed Forums

Offline Godot

  • Go away, PLA!
  • PLA Corporate Drone
  • *****
  • Posts: 427
  • 1337 13V3L: +34/-7
    • Godot's Website
Re: Unsecured Packet8 Devices
« Reply #3 on: March 19, 2007, 05:29:51 PM »
It claims to be Modern Amenity Homes, Inc. They don't get a ton of calls, but if RBCP or Murdoc want me to, I will set it up.
"I bought a cactus and it died a week later... I was really depressed, I thought, 'Damn, I am less nurturing than a desert.'" -Demetri Martin

Offline Godot

  • Go away, PLA!
  • PLA Corporate Drone
  • *****
  • Posts: 427
  • 1337 13V3L: +34/-7
    • Godot's Website
Re: Unsecured Packet8 Devices
« Reply #4 on: March 22, 2007, 04:04:28 PM »
I found a ton more of the Packet8 devices while scanning some other IP ranges. Here is one for you all to play with: http://75.109.38.127/
"I bought a cactus and it died a week later... I was really depressed, I thought, 'Damn, I am less nurturing than a desert.'" -Demetri Martin

Offline brianwk

  • Newb
  • *
  • Posts: 16
  • 1337 13V3L: +0/-3
Re: Unsecured Packet8 Devices
« Reply #5 on: March 30, 2007, 02:55:56 AM »
You can pull the SIP proxy and authorization details and make free phone calls from their VoIP account.

Offline brianwk

  • Newb
  • *
  • Posts: 16
  • 1337 13V3L: +0/-3
Re: Unsecured Packet8 Devices
« Reply #6 on: March 30, 2007, 03:38:40 AM »
I was scanning for computers with port 80 open, and I found a couple completely unsecured Packet8 boxes. The most practical and fun feature I found to play with is the call log. It tells me who they called or were called by, and when. I could also change the box's network settings, set a password, or log packets (possibly used to moniter calls?). Any ideas on what I should do with these?

You can use SIP packet logging to gain access to the SIP username and password.
Enable SIP packet logging and then look for the SIP authorization packets, it will look similar to HTTP authentication. Then simply inject these packets. The way you inject the packets is up to you and I will leave it as an exercise to the reader to figure it out. I don't want to make it easy for script kiddies.

Offline splynt0r

  • PLA Corporate Drone
  • *****
  • Posts: 415
  • 1337 13V3L: +19/-10
  • Rip. Sample. Mash. Share
Re: Unsecured Packet8 Devices
« Reply #7 on: March 30, 2007, 03:45:08 AM »
There is an edit button.
I found it about a week ago  ;D