Copy Link
Add to Bookmark
Report
Phruwt Issue 03 010
---------==================[ Fun with Gatorboxes ]===================----------
This is just a quick collection of information I've been able to pull
together on Gatorboxes (Macintosh routers) after seeing a request for
router hacking info on alt.2600.
Finding a Gatorbox.
There are two ways to find a Gatorbox. The first is to use a piece of
software like TRAWL over your appletalk network if you have one. They are
given a symbol of an alligator (they knida stand out next to all the other
symbols). Form this you can get the IP number for the box.
Another method is to use either NSLOOKUP on a unix box (or Host as described
in the recent 2600 article) and this will also give you an IP number.
Engaging the Gatorbox.
From what I've seen of the boxes I've encountered getting in isn't a
problem, in fact none of them have had passwords installed, so when you telnet
to it, you automatically login as Admin. e.g.:
Terminal shell v1.0
GatorBox_CS/Rack running GatorSystem version 3.0.2 (build R1)
( completed login: admin level)
BoxName>
Where the last line is the prompt and is the name of the router you've entered.
To get a quick overview of the commands type ? or help
help to get more: "help all" or "help help"
configure to configure GatorBox's options
netstat to show IP information
nbp to send NBP lookup request
ping to send ICMP Echo request
quit to quit this shell
reset to reset subsystems
restart to restart GatorBox
halt to halt interfaces and subsystems
show to show system information
status to show basic status of GatorBox
who to show who is using the shell
log to add a message to the diagnostic log
loglevel to report or change diagnostic log level
clear to erase all stored configuration information
Typing CONFIGURE will move you up a level like this:
GatorBox Config Mode v1.0
(admin level privileges -- read/write)
BoxName (top)>>
This level also has a help menu of:
system --- GatorBox system options
ip --- TCP/IP options
appletalk --- AppleTalk routing options
decnet --- DECnet options
snmp --- SNMP options
validate --- validate configuration settings
preference --- shell environment preferences
set --- set configuration data
delete --- delete configuration list data
view --- view configuration data
script --- print configuration setup script
help --- help command options
. save --- save configuration data
. top --- go to top level
quit --- exit from configuration mode
The first 5 items on the list all take the user to a sub-level, which can be
returned from with the command UP. Preference is also a sub-level which sets
the trivial things like the verbose and more settings. View will allow the
user to see all the information for the system, ip, appletalk, decnet and
snmp, each of which can be changed in there sub-level very easily. The system
sub-level contains the box name as well as the command to add passwords and
users. The script command shows the script the system goes through when it
is restarted, so any changes made would continue to affect the system is the
only solution the user knows is to turn off the box and let it boot up again.
Set and delete allows the user to alter this data at will, but don't forget
to save your changes.
Quitting that menu and returning back to the original area to look at the rest
of the commands, WHO will show who is logged into the system, and where they
are logged in form (IP number). The show command is used with the following
list:
ip followed by:
arp to display IP ARP cache
routes to display IP route tables
interfaces to display IP interfaces
appletalk followed by:
arp to display AppleTalk ARP cache
filters to display AppleTalk filters, summary or detail*
interfaces to display AppleTalk interfaces
routes to display AppleTalk route table
zones to display AppleTalk zone list
decnet followed by:
nodes to display DECnet known nodes
circuits to display DECnet circuits
router to display DECnet router info
alap to display LocalTalk statistics
enet to display Ethernet statistics
status to show basic status of GatorBox
log to display next segment of the log (or "all")
crash to display current crash-dump information
memory to display memory usage (detail with "all")
and can be used to network information (like the names of the appletalk
zones). The show log will show a screenful of log information, but doesn't
use the more option, so to get more information type show log again. The LOG
command will enter a string to the log and place a time with it. To rewind
the log use RESET LOG. RESET can also be followed with:
alap to reset LocalTalk statistics
crash to clear crash-dump information
enet to reset Ethernet statistics
The PING and NBP commands are useful for checking on other systems as you
would normally (well ping at least).
Halt can be used to stop the appletalk router, and restart to shut the system
down, to have it boot up again within a few seconds, but the old log file
will have been written over, so the information about an unauthorized login
will be lost. At time delay (in seconds) can also be placed on the restart
command.
This is just a quick outline as to what can be changed with a router (the
gator type at least, as all the cisco routers I've found are password
protected), and they can be very efficient in screwing over an area of a
network if need be, though I should add that the information is provided for
educational purposes only and not for screwing over an area of a network.
If you want to know more about what a router does, I suggest looking at any
book on the internet, as these essentially hold all the LANs together in a
larger network, allowing information to be passed along by acting as a bridge
and signpost.
- Nixx
