RE: Wardialing

From: Dawes, Rogan (ZA - Johannesburg) (rdawes@deloitte.co.za)
Date: Thu Sep 12 2002 - 03:20:00 EDT


Another mail prompted me to look at my old perl code (I started writing a
Unix war dialler), and I found the info on doing parity conversion in the
same place.

Here is my source. Play with it if you like, but please let me know if you
find it useful, or enhance it in any way. (I'd appreciate patches :-)

http://mysite.mweb.co.za/residents/rdawes/joshua-0.01.tar.gz

Thanks

Rogan

> -----Original Message-----
> From: Dawes, Rogan (ZA - Johannesburg) [mailto:rdawes@deloitte.co.za]
> Sent: Monday, September 09, 2002 11:01 PM
> To: 'John Madden'; pen-test@securityfocus.com
> Subject: RE: Wardialing
>
>
> To the best of my knowledge, the baud rate is only a factor
> in actually
> achieving the connection with the modem. If you dial the modem, and
> manage to negotiate a mutually agreeable baud rate (done automatically
> for you by the modem protocol), and your modem reports "CONNECT
> <rate>", you should be able to talk to the underlying/listening
> application at that rate, unless the recipient modem is badly set up.
>
> I haven't seen many applications where the baud rate is actually
> hard-coded, or enforced. Most applications are happy to talk
> as fast as
> they can, hence the use of flow-control protocols . . .
>
> Determining the parity settings is a slightly different task.
>
> As I understand it, the raw data received can be "post-processed" to
> determine the parity settings. I also have not seen any tool to do it,
> but I understand that ToneLoc actually does this "auto-parity"
> determination somehow.
>
> Somewhere on my hard drive I have some terminal emulator programs that
> have parity calculation routines in them. I got them off the
> net, so you
> could probably find them faster than I can at this point! (I
> found them
> about three years ago while trying to write my own war
> dialler in perl!)
>
> Good luck!
>
> Rogan
>
>
> > -----Original Message-----
> > From: John Madden [mailto:chiwawa999@yahoo.com]
> > Sent: 08 September 2002 02:46
> > To: pen-test@securityfocus.com
> > Subject: Wardialing
> >
> >
> > Hello all,
> >
> > When doing a wardialing engagement we come across alot
> > of "unknown" carrier detects. I'm looking for a way to
> > find out the exact baud rate of the modem answering.
> > The modem will answer say at 9600 but the program
> > behind it migth run at a completely different rate
> > (specially the older programs)
> >
> > Some dialing software will auto-sense the emulation
> > but you have to give it default baud rate. But if that
> > modem is listening for 1200 baud 7E1, you have alot of
> combination to
> > try. I was wondering if anyone has any experience on the matter.
> >
> > I know that software like Phonesweep, THC etc.. but
> > they don't do the trick to find the exact baud rate.
> >
> > Any ideas on the matter ?
> >
> > Thanks
> >
> > __________________________________________________
> > Do You Yahoo!?
> > Yahoo! Finance - Get real-time stock quotes http://finance.yahoo.com
> >
> > --------------------------------------------------------------
> > --------------
> > This list is provided by the SecurityFocus Security
> > Intelligence Alert (SIA)
> > Service. For more information on SecurityFocus' SIA service which
> > automatically alerts you to the latest security
> > vulnerabilities please see:
> > https://alerts.securityfocus.com/
> >
>
> --------------------------------------------------------------
> ----------
> ----
> This list is provided by the SecurityFocus Security Intelligence Alert
> (SIA)
> Service. For more information on SecurityFocus' SIA service which
> automatically alerts you to the latest security vulnerabilities please
> see:
> https://alerts.securityfocus.com/
>


----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:25 EDT