[11251] in bugtraq
[LoWNOISE] Password hunting with webramp
daemon@ATHENA.MIT.EDU (ET LoWNOISE)
Wed Aug 4 23:44:08 1999
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id: <Pine.SUN.3.96.990803112821.17628B-100000@grex.cyberspace.org>
Date: Tue, 3 Aug 1999 11:34:59 -0400
Reply-To: ET LoWNOISE <et@CYBERSPACE.ORG>
From: ET LoWNOISE <et@CYBERSPACE.ORG>
X-To: BUGTRAQ@SECURITYFOCUS.COM
To: BUGTRAQ@SECURITYFOCUS.COM
Hi,
Just to go deeper.
Definition: (taken from www.webramp.com)
What is a WebRamp?
A WebRamp is a communications
device that allows your whole office to
share Internet access. You can choose
from a variety of different models
depending on your needs. While all
WebRamps allow you to share Internet
access, WebRamps can differ in the
types of modems they use, as well as
advanced features such as Access
Controls, VPN support, and Remote
Dial-in for telecommuters.
Now my stuff..
I have checked all the stuff about webramp on bugtraq and different
security lists. The only thing i have found are about DoS stuff on the M3
model but nothing more.
Today i was searching for web servers on a ISP and got many responses from
webramp servers. Some of them when you connect and ask you for
authorization they already tell you whats the username to use (wradmin).
The default username and password are: wradmin / trancell
The other ones possibly bad configurated because there wasnt any login and
password thing. Got me into their Setup Page.
On M3 models theres a page http://webramp/avconnX.htm where X is the modem
number 1,2,3.. there you can get the isp phone number they use, the
username they use, and the password like this ******, easy to get with a
sniffer or a password snooping program, OR READ THE FORM SOURCE CODE :).
On 200i models just go to express internet and you will find the same
stuff like M3. Why webramp put that info so free.. and why the passwords
are there? i dont see any utility for webramp to send usernames and
passwords to the clients that connect. it should be the other way.
Three are many other models but im only talking about M3 and 200i because
thats the ones i found.
Well, and what to do with a phone number (ISP), a username and a password?
(not one.. 3 aprox. 1 for each modem) use your imagination.
bye,
Efrain 'ET' Torres
[LoWNOISE] Colombia
et@cyberspace.org
pd/gracias aleph1.
