On Wed, Aug 10, 2011 at 06:25:30PM +0200, Alexander Lehner wrote:
> On Wed, 10 Aug 2011, Josef Wolf wrote:
> >On Wed, Aug 10, 2011 at 04:55:25PM +0200, Josef Wolf wrote:
> >[ ... ]
> >>- on port 22 a dropbox ssh server is running, which seems to accept public
> > ^^^^^^^
> >That should be "dropbear" instead of "dropbox", of course. Sorry for the
> >typo.
> The question is, how you would then upgrade the device, even if you
> had access through ssh?
ssh-access would at least give me the possibility to lurk around and see what
exists on the device and whether there's a possibility to transfer data (maybe
scp). It might also allow me to see which URLs the web server is supposed to
accept.
> For the hacker's delight I would give a try to find the private ssh
> key in the Windows TomTom Software. Maybe they were lazy enough to
> put it in plaintext somewhere.
> My private rsa keys have 64-byte lines ascii data,
> and the last line seems always to end with '=='.
>
> so maybe
>
> cat wine/c/TomTomApps/* | egrep '.{64}'
Jeah, guess it's worth a try.
