[EAS] ALERT: EAS Device passwords
Alex Hartman
goober at goobe.net
Tue Feb 12 12:07:59 CST 2013
Good point. Inserting the audio to a CAP based message is quite easy,
but for EAS, that's a bit harder. You'd have to reprogram portions of
the box to forward audio not recorded from one of the receivers, and
trick it into thinking that it has a valid message that needs to be
forwarded... But once you're in a box, you pretty much have total
control since most of the companies didn't sandbox the web server user
(they run as root, instead of a sandboxed environment). So quite
easily, you run some exploit code against the web server and you're
dropped into a super user account, which lets you do whatever you
fancy to the box.
Oldest trick in the book...
--
Alex Hartman
More information about the EAS
mailing list