Hello all, Today i discovered a pseudo backdoor [thru a default password] while trying to reset the password on a Planet Technology Corp FGSW2402RS switch. Allthough i dont consider this to be a real problem since the only access seems to be thru the serial port, i would like to share this with the community since it isnt documented *anywhere* and Planet Technology Corp doesnt even reply to emails asking for support on their products. So...we start with a common ASCII analisys of the firmware [revision 1.2]: root@leonardo-root ~/planet# strings FGSW-2402RS_ISP_1.2.txt ... admin [^_^] ISPMODE ... root@leonardo-root ~/planet# Admin is the obvious login and ISPMODE is the password used for uploading a new firmware to the equipment. If we connect to the equipment and send admin as the login and "[^_^]" as the password we get the same login prompt again (as if the password had failed) and the password has now been reset to "". Best regards, +------------------------- | Luís Miguel Silva | Security Consultant | Centro de Informática Correia Araújo | Faculdade de Engenharia da | Universidade do Porto
Attachment:
binEI4gZ214sj.bin
Description: PGP Public Key