xiconfjs/h4ck
1
0
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects Releases Wiki Activity
2a717ad841
h4ck/revolabs-flx_uc_1000/README.md
Conor Horan-Kates 2a717ad841 moving story time around
2016-06-30 21:49:46 -07:00

560 B
Raw Blame History

revolabs flx UC1000

found this device in a conference room, found the IP from an unauthenticated menu on the dialer, which was accessible from the wireless 'Guest' network. it also has USB ports, so potentially available without network access.

story time

from the page that loaded when you first hit http://, i noticed app.js

in it, i found:

 sys.password:
  - defaultVal: "7386",
  - pattern: /^(\d{4,})$/,

tools

name description
bf_login.rb brute forces the PIN on the web interface