[cisco-voip] Securelogix-Cisco API

2017-11-20 Thread Mark Holloway
Does anyone know what kind of performance impact the API has on ASR or ISR 44xx 
routers running CUBE?  I’ve used Securelogix with other SBCs in large 
Enterprise and Call Center deployments. The SBCs use ENUM to query Securelogix. 
There is virtually no CPU impact on the SBC using ENUM even when there’s 
hundreds of calls per second and 10,000+ concurrent calls established. I’m 
wondering what the advantage of the API is over ENUM and if there’s more of an 
impact on the router’s CPU with CUBE enabled. Thanks

___
cisco-voip mailing list
cisco-voip@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip


Re: [cisco-voip] Cisco Voice Operating System-Based Products Unauthorized Access Vulnerability

2017-11-20 Thread Pete Brown
If you have an affected lab box, any chance you could package up a few files and 
send them over off list?



From: bmead...@gmail.com  on behalf of Brian Meade 

Sent: Monday, November 20, 2017 11:48 AM
To: Pete Brown
Cc: Anthony Holloway; cisco-voip@puck.nether.net
Subject: Re: [cisco-voip] Cisco Voice Operating System-Based Products 
Unauthorized Access Vulnerability

I was thinking about running John the Ripper on a lab box that is affected to 
try to get the password.  Not sure if it will find anything though.

On Mon, Nov 20, 2017 at 11:50 AM, Pete Brown <j...@chykn.com> wrote:

I wonder if there are any existing penetration testing utilities to check for 
these conditions on UCOS hosts?


If not, challenge accepted.


From: cisco-voip <cisco-voip-boun...@puck.nether.net> on behalf of Brian Meade <bmead...@vt.edu>
Sent: Monday, November 20, 2017 10:25 AM
To: Anthony Holloway
Cc: cisco-voip@puck.nether.net
Subject: Re: [cisco-voip] Cisco Voice Operating System-Based Products 
Unauthorized Access Vulnerability

Anyone got some ideas on trying to crack this UCOS password?  Should help us 
out in scanning our customers to see if they are affected, but we wouldn't want 
this password to end up indexed by google and make the issue even worse.

On Fri, Nov 17, 2017 at 4:46 PM, Anthony Holloway <avholloway+cisco-v...@gmail.com> wrote:
Bwahaha! I just logged in to your CUCM Tim.

On a serious note, I think it’s interesting how this “flag” issue is such a big 
deal, when back in the old days of UCCX, Cisco was creating an intentional 
back-door in all installs, using the same username and password on all of them.

For the curious, it was :

Username: CRSAdministrator
Password: NwY.t9g(f'L9[3C

If you have access to a UCCX 7x or lower, try logging in to Windows with that 
account and report back if it worked.

If it does work, check the MADM logs on the C: for the clear text AXL username 
and password, so you can compromise CUCM too!
On Fri, Nov 17, 2017 at 1:46 PM Tim Frazee <tfra...@gmail.com> wrote:
heads up

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-vos




Re: [cisco-voip] Cisco Voice Operating System-Based Products Unauthorized Access Vulnerability

2017-11-20 Thread Brian Meade
I was thinking about running John the Ripper on a lab box that is affected
to try to get the password.  Not sure if it will find anything though.

On Mon, Nov 20, 2017 at 11:50 AM, Pete Brown  wrote:

> I wonder if there are any existing penetration testing utilities to check
> for these conditions on UCOS hosts?
>
>
> If not, challenge accepted.
>
> --
> *From:* cisco-voip  on behalf of
> Brian Meade 
> *Sent:* Monday, November 20, 2017 10:25 AM
> *To:* Anthony Holloway
> *Cc:* cisco-voip@puck.nether.net
> *Subject:* Re: [cisco-voip] Cisco Voice Operating System-Based Products
> Unauthorized Access Vulnerability
>
> Anyone got some ideas on trying to crack this UCOS password?  Should help
> us out in scanning our customers to see if they are affected, but we
> wouldn't want this password to end up indexed by google and make the issue
> even worse.
>
> On Fri, Nov 17, 2017 at 4:46 PM, Anthony Holloway <
> avholloway+cisco-v...@gmail.com> wrote:
>
> Bwahaha! I just logged in to your CUCM Tim.
>
> On a serious note, I think it’s interesting how this “flag” issue is such
> a big deal, when back in the old days of UCCX, Cisco was creating an
> intentional back-door in all installs, using the same username and password
> on all of them.
>
> For the curious, it was :
>
> Username: CRSAdministrator
> Password: NwY.t9g(f'L9[3C
>
> If you have access to a UCCX 7x or lower, try logging in to Windows with
> that account and report back if it worked.
>
> If it does work, check the MADM logs on the C: for the clear text AXL
> username and password, so you can compromise CUCM too!
> On Fri, Nov 17, 2017 at 1:46 PM Tim Frazee  wrote:
>
> heads up
>
> https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-vos


Re: [cisco-voip] Cisco Voice Operating System-Based Products Unauthorized Access Vulnerability

2017-11-20 Thread Pete Brown
I wonder if there are any existing penetration testing utilities to check for 
these conditions on UCOS hosts?


If not, challenge accepted.


From: cisco-voip  on behalf of Brian Meade 

Sent: Monday, November 20, 2017 10:25 AM
To: Anthony Holloway
Cc: cisco-voip@puck.nether.net
Subject: Re: [cisco-voip] Cisco Voice Operating System-Based Products 
Unauthorized Access Vulnerability

Anyone got some ideas on trying to crack this UCOS password?  Should help us 
out in scanning our customers to see if they are affected, but we wouldn't want 
this password to end up indexed by google and make the issue even worse.

On Fri, Nov 17, 2017 at 4:46 PM, Anthony Holloway <avholloway+cisco-v...@gmail.com> wrote:
Bwahaha! I just logged in to your CUCM Tim.

On a serious note, I think it’s interesting how this “flag” issue is such a big 
deal, when back in the old days of UCCX, Cisco was creating an intentional 
back-door in all installs, using the same username and password on all of them.

For the curious, it was :

Username: CRSAdministrator
Password: NwY.t9g(f'L9[3C

If you have access to a UCCX 7x or lower, try logging in to Windows with that 
account and report back if it worked.

If it does work, check the MADM logs on the C: for the clear text AXL username 
and password, so you can compromise CUCM too!
On Fri, Nov 17, 2017 at 1:46 PM Tim Frazee <tfra...@gmail.com> wrote:
heads up

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-vos




Re: [cisco-voip] DRS Backups - File & Database Record Extraction

2017-11-20 Thread Pete Brown
Look at the bright side.  They create interesting learning opportunities for 
folks like us.  You could argue that I owe my Java & C# education to the Cisco 
DRS team.  Had to learn both to create the backup decrypter; ended up getting a 
job as a tools engineer as a result.  I should send those guys a nice fruit 
basket for Christmas!


But you're right, it would be nice if they had some sort of selective restore 
tool.  Please let us know if you end up working on one.


From: Anthony Holloway 
Sent: Friday, November 17, 2017 6:23 PM
To: Pete Brown
Cc: cisco-voip@puck.nether.net
Subject: Re: [cisco-voip] DRS Backups - File & Database Record Extraction

Maybe I should make a backup tool for UCCX so you can selectively restore 
objects. You know, like how COBRAS is.

Or maybe Cisco should just shift their focus from chasing Microsoft and 
actually invest in their current products and the customers who run them.

I’m so tired of apologizing for Cisco’s shortcomings.

Sorry, thread hijacking. I’ll see myself out.
On Fri, Nov 17, 2017 at 5:03 PM Pete Brown <j...@chykn.com> wrote:

That's pretty slick!  Well commented, too.  Thanks for sharing.



From: Anthony Holloway <avholloway+cisco-v...@gmail.com>
Sent: Friday, November 17, 2017 3:51 PM
To: Pete Brown
Cc: cisco-voip@puck.nether.net
Subject: Re: [cisco-voip] DRS Backups - File & Database Record Extraction

This is a good time to remind people that they could use automation tools to 
download the scripts and prompts outside of DRS altogether.

https://twitter.com/avholloway45633/status/647450649353846784

On Fri, Nov 17, 2017 at 1:17 PM Pete Brown <j...@chykn.com> wrote:
An update for those who have asked about extracting database records directly 
from DRS backups.  I've had some success reading BLOB data from Informix ontape 
files, so we can read flat files from the TARs as well as files stored as BLOB 
fields in Informix.  It's working well enough to extract prompt & script files 
from a sample UCCX 9 backup.  Definitely not stable enough to release, but it's 
getting there.

The next step is to design an interface which allows users to open DRS backups 
and browse the contents.  Think DRS Message Fisher, but for reading UCCX and 
CUCM backups as well.  Since the tools are free and I can't exactly afford a 
design team, this is where I could use some assistance from the community.

Please let me know if you're interested in providing some creative input on a 
UI.  Have an idea about how you'd want to browse and extract data?  Put it in a 
Visio.  Sketch it out in MS Paint.  Scribble it on a napkin.  Whatever works.  
Have some C# experience and want to create a mockup?  Bless you.  One day 
you'll be an unsung hero to some poor soul who accidentally overwrites the 
wrong script in UCCX and relies on your work to save their bacon.

Thanks,
Pete


Re: [cisco-voip] Cisco Voice Operating System-Based Products Unauthorized Access Vulnerability

2017-11-20 Thread Brian Meade
Anyone got some ideas on trying to crack this UCOS password?  Should help
us out in scanning our customers to see if they are affected, but we
wouldn't want this password to end up indexed by google and make the issue
even worse.

On Fri, Nov 17, 2017 at 4:46 PM, Anthony Holloway <
avholloway+cisco-v...@gmail.com> wrote:

> Bwahaha! I just logged in to your CUCM Tim.
>
> On a serious note, I think it’s interesting how this “flag” issue is such
> a big deal, when back in the old days of UCCX, Cisco was creating an
> intentional back-door in all installs, using the same username and password
> on all of them.
>
> For the curious, it was :
>
> Username: CRSAdministrator
> Password: NwY.t9g(f'L9[3C
>
> If you have access to a UCCX 7x or lower, try logging in to Windows with
> that account and report back if it worked.
>
> If it does work, check the MADM logs on the C: for the clear text AXL
> username and password, so you can compromise CUCM too!
> On Fri, Nov 17, 2017 at 1:46 PM Tim Frazee  wrote:
>
>> heads up
>>
>> https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-vos


Re: [cisco-voip] DRS Backups - File & Database Record Extraction

2017-11-20 Thread Charles Goldsmith
I like how he just got almost everyone on this list to follow him on
twitter :)

guilty as charged, in case he does create the restore utility

On Fri, Nov 17, 2017 at 4:03 PM, Pete Brown  wrote:

> That's pretty slick!  Well commented, too.  Thanks for sharing.
>
>
>
> --
> *From:* Anthony Holloway 
> *Sent:* Friday, November 17, 2017 3:51 PM
> *To:* Pete Brown
> *Cc:* cisco-voip@puck.nether.net
> *Subject:* Re: [cisco-voip] DRS Backups - File & Database Record
> Extraction
>
> This is a good time to remind people that they could use automation tools
> to download the scripts and prompts outside of DRS altogether.
>
> https://twitter.com/avholloway45633/status/647450649353846784
> 
>
> On Fri, Nov 17, 2017 at 1:17 PM Pete Brown  wrote:
>
> An update for those who have asked about extracting database
> records directly from DRS backups.  I've had some success reading BLOB
> data from Informix ontape files, so we can read flat files from the TARs as
> well as files stored as BLOB fields in Informix.  It's working well
> enough to extract prompt & script files from a sample UCCX 9 backup.
> Definitely not stable enough to release, but it's getting there.
>
> The next step is to design an interface which allows users to open DRS
> backups and browse the contents.  Think DRS Message Fisher, but for
> reading UCCX and CUCM backups as well.  Since the tools are free and I
> can't exactly afford a design team, this is where I could use some
> assistance from the community.
>
> Please let me know if you're interested in providing some creative input
> on a UI.  Have an idea about how you'd want to browse and extract data?
> Put it in a Visio.  Sketch it out in MS Paint.  Scribble it on a napkin.
> Whatever works.  Have some C# experience and want to create a mockup?
> Bless you.  One day you'll be an unsung hero to some poor soul who
> accidentally overwrites the wrong script in UCCX and relies on your work to
> save their bacon.
>
> Thanks,
> Pete


Re: [cisco-voip] Cisco Voice Operating System-Based Products Unauthorized Access Vulnerability

2017-11-20 Thread Charles Goldsmith
Indeed it works, and sadly, I have a customer with uccx 7 still running...

On Fri, Nov 17, 2017 at 3:46 PM, Anthony Holloway <
avholloway+cisco-v...@gmail.com> wrote:

> Bwahaha! I just logged in to your CUCM Tim.
>
> On a serious note, I think it’s interesting how this “flag” issue is such
> a big deal, when back in the old days of UCCX, Cisco was creating an
> intentional back-door in all installs, using the same username and password
> on all of them.
>
> For the curious, it was :
>
> Username: CRSAdministrator
> Password: NwY.t9g(f'L9[3C
>
> If you have access to a UCCX 7x or lower, try logging in to Windows with
> that account and report back if it worked.
>
> If it does work, check the MADM logs on the C: for the clear text AXL
> username and password, so you can compromise CUCM too!
> On Fri, Nov 17, 2017 at 1:46 PM Tim Frazee  wrote:
>
>> heads up
>>
>> https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-vos