Manager Password Recovery

[liquidshokk]

Hi

We were recently surprised to hear that an IT company that took over maintenance of a friends IP Office system was able to find out the manager password without defaulting the unit.. I had previously dialled into the system but couldnt open the config as didnt know the password..

Is there some password recovery tool im not aware of or a crack to find out the password?!?

.... or did they just manage to convince the previous IT company to confirm the password?!

Thanks

 

[TomMills]

what level of software was it on?

"There's a dog in the New Zealand section

 

[liquidshokk]

just checked, they were on 4.1(9) and was an IP500...

their new company has changed the dial in password now so i cant even get as far as dialled in anymore. Gonna get my friend to try and obtain a coopy of the config tomorrow as i want to know how they did it...

 

[liquidshokk]

just tried using peekaboo with the security settings but the password showed as 'betterlucknexttime' which i thought was amusing... Manager App was one step ahead of me Tried using an old version of manager but that wouldnt allow me to select to go into security settings...

Im not going to find out how they did it am i... and that will really bug me!

 

[TomMills]

are you 100% certain they could only get remote access?

"There's a dog in the New Zealand section

 

[liquidshokk]

Yeah, my friend would have been informed if they'd visited to look at the phone system. Maybe they just got in touch with the previous maintainers..... Made me look stupid as I couldnt get in and they could! Was the difference between getting the contract and not! Hence my interest in making sure that doesnt happen again...

 

[kholladay]

Funny that your friend is comfortable with a 3rd party who not only has remote access but also has the ability to login when he himself does not. I hope your friend doesn't actually manage this system.

Kyle Holladay
ACA-I, ACA Call Center, ACS-I, ACS-M, TIA-CTP, MCP/MCTS Exchange 2007
ACE Implement: IP Office

"Thinking is the hardest work there is, which is the probable reason why so few engage in it." - Henry Ford

 

[Westi]

maybe the security password was default, or how I love to do it, I write down the old passwords from customers I take over from different companies and keep the list and they had it from a previous takeover. That is quite handy sometimes.

Joe W.

FHandw., ACS

If you can't be good, be good at it!

 

[tlpeter]

Just use the DTE port
Type:

AT-SECURITYRESETALL

and you are fine
The only downside it that you have to go on site
Then you can open the config and change the dialin settings

ACS - Implement IP Office
ACA - Implement IP Telephony -- ACA - Design IP Telephony
ACA - Voice Services Management
______________
Women and cats can do as they please and men and dogs should relax and get used to the idea!

 

[liquidshokk]

No my friend doesn't manage it but SHE was quite impressed that they were able to takeover maintenance and find the passwords without hassling them for them as the person who was responsible for the IPO maintenance contract/passwords had left the company...

Even if the security password was default they'd still need to confirm the old one before they can change it as earlier stated... I guess it's all by the by now though as we didn't get the contract and they did. Just wanted to make sure I wasn't in the dark about some neat recovery trick...