Tags › tftp theft
Getting root access on Cisco CallManager 7 and 8 Server, Athcon, updates in new tool tftptheft and the VoIP honeynet challenge
Published on Jun 1, 2010 in conferences, voip security, cyber crime, softphone security, tftp theft
Lots going on right now. The following is a summary: Recurity Labs just published the jail-break for Cisco CallManager (CUCM) v7/8 which I had something to do with ;-) Will be presenting at Athcon on VoIP insecurities and cybercrime- drop me an email if you’ll be there TFTPTheft has been updated to support template filenames Will be posting more on TFTPTheft with use cases and examples. If you do have questions, drop me an email.…
Read more »New tool in the works: TFTPTheft
Published on May 28, 2010 in security tools, tftp theft
Most sysadmins just love the idea of switching on a box that just works automatically. In the case of IP phones that is typically possible by setting up the right DHCP config and a TFTP server hosting firmware and configuration. My introduction to TFTP The TFTP protocol typically runs over port 69, and the above image shows a rather insecure doll. The TFTP protocol is rather simple and lightweight: Runs on top of UDP Does not support authentication Only supports pulling and pushing (GET and PUT) of files (no directory listing) New tools?…
Read more »