Allen Bradley Panel Builder 32
CLICK HERE ->->->-> https://fancli.com/2td8Zf
DMSF was used to assess the device. The analysis was very simple due to the wide range of services I could locate. After running Dmsf, I found a MySQL database linked through phpMyAdmin. This provided me with a modelling place to start. The database showed me the original access URL.
The details were found in the server folder.'users' directory. The folder contained 'username.php' which contained all the details. The account which was being used had a list of folders that you could access using FTP, gphoto2, flickr, google drive and dropbox. It was also possible to access the files using a number of tools such as Filezilla or telnet. - Remotely, you could access to the files using Dropbox, Google Drive or you could use the DMSF tool. - The files were password protected, which I presume to be in the MySQL database.'dev-admin.php'file-rw-r-x- 1 root root 1292 Dec 25 19:40 dev-admin.php - the file allowed root access to any of the files outside of the password protection area.'conf.php'- allowed direct access to the file due to the php input function locking the config file at server start.'data050413.php'- this file stores the date/time for the last backup (2 Minutes). The file was automatically uploaded and stored on the FTP server, causing me to need to download it.
Most of the files can be accessed using FTP or putty for Windows. The files on the system also included the networking settings, the peer management service, the time settings, the pcap files, the memory logs and the pcap route table. The contents of the pcap files looked interesting with information on the traffic being monitored. I then performed the regular DMSF assessment. I was able to get a MySQL back door into the device. The root user was deleted and a new one created. d2c66b5586