Sandro Gauci, Enable Security

Getting root access on Cisco CallManager 7 and 8 Server, Athcon, updates in new tool tftptheft and the VoIP honeynet challenge

Lots going on right now. The following is a summary:

- Recurity Labs just published the jail-break for Cisco CallManager (CUCM) v7/8 which I had something to do with ;-)
- Will be presenting at Athcon on VoIP insecurities and cybercrime - drop me an email if you’ll be there
- TFTPTheft has been updated to support template filenames

Will be posting more on TFTPTheft with use cases and examples. If you do have questions, drop me an email.…

Sandro Gauci, Enable Security

New tool in the works: TFTPTheft

Published on May 28, 2010

Most sysadmins just love the idea of switching on a box that just works automatically. In the case of IP phones that is typically possible by setting up the right DHCP config and a TFTP server hosting firmware and configuration.

My introduction to TFTP

The TFTP protocol typically runs over port 69, and the above image shows a rather insecure doll. The TFTP protocol is rather simple and lightweight:

- Runs on top of UDP
- Does not support authentication
- Only supports pulling and pushing (GET and PUT) of files (no directory listing)

New tools?…