Dedicated Micros BX2 DVR Multiple Default Passwords

March 29, 2014

Dedicated Micros BX2 DVRs install with a variety of default credentials according to the manual.

The unit will request a username and password, as defined in the ‘profiles’ configuration file. The default settings are ‘username’ and ‘password’.

User Menu
To enter the User menu tap the Menu key.
Note: If a password has been set and enabled it will be necessary to enter the User password to gain access to the menus. This is disabled by default.

There are a set of default passwords set at the factory. These should be changed as soon as practical to ensure the security of the unit. These default passwords are:
Webpage Configuration : Username = dm Password = web
Video FTP : Username = dm Password = ftp
FTP Admin : Username = dmftp Password = ftp
Telnet : Username = dm Password = telnet
Serial : Username = dmconsole1 No Password as default

Dedicated Micros CMT Default Credentials

March 22, 2014

The Dedicated Micros Centralized Management Tool (CMT) has default passwords according to the manual.

During installation the manual recommends you use a specific password:

Recommended: Enter a Password of dm-cmt1 for the sa logon password above. Be sure to enter dm-cmt1 in both password fields.

Later in the manual it assumes that you followed their advice. This isn’t a default but the wording makes it sound like this is needed!

dm-cmt1

The CMT client application also has a default:

Restart the CMT Client Application and login by entering:
o Username = admin
o Password = admin

Dedicated Micros D4 Default Credentials

March 16, 2014

The Dedicated Micros D4 contains a default password for viewing images via the web and no credentials for the menu system according to the manual.

Viewing Images Across the Network Using a Web Browser
It is possible to use Microsoft Internet Explorer (version 5.X and above) and Netscape Navigator (version 4.7X and above) to view images from a D4. Follow the instructions above to display the D4 web page, but click on the Web Viewer icon instead of the ‘PC viewer application’ icon. It will be necessary to enter a username and password at this point, the default username and password is user and password.

User Password
A password can be set to prohibit unauthorized access to the menu systems. The default setting is Off.

Dedicated Micros Digital Sprite 2 Default Web Credentials

March 8, 2014

I previously wrote about the Dedicated Micros Sprite 2 (DS2) and one set of default credentials it had. The Setup Manual has another set of default credentials this time for the web server:

If a password has been configured it will be necessary to enter the Username and Password information to gain access to the unit. The default user name and password are dm and web.

Dedicated Micros DV-IP Series Devices Default Credentials

March 1, 2014

Dedicated Micros makes a set of devices under the DV-IP label. In some cases they do not require passwords to access. In other cases they come with default accounts. Below is a list of devices with links to the manual and quoted bits about passwords.

DV-IP ATM

Select Configuration Options. The unit will prompt for a username and password. The default settings are dm and web respectively.

DV-IP Codec

The image shows the User Accounts Administration page. The default passwords are:
Webpage Configuration : Username = dm : password = web
FTP Admin : Username = dmftp : password = ftp
Telnet : Username = dm: password = telnet

DV-IP Encoder

The image shows the User Accounts Administration page. The default passwords are:
Webpage Configuration : Username = dm : password = web
FTP Admin : Username = dmftp : password = ftp
Telnet : Username = dm: password = telnet

DV-IP Express

By default, no Usernames and Passwords are required to access any of the various menus. Usernames and Passwords can however be added to regulate access to the Configuration and Viewer menus.

DV-IP Server

dvip-1

DV-IP NV1 & NV4

By default, no Usernames and Passwords are required to access any of the various menus. Usernames and Passwords can however be added to regulate access to the Configuration and Viewer menus, refer to the ‘Display Settings-> User Accounts’ menu for information on establishing Usernames and Passwords

Mitsubishi Energy Saving Data Collecting Server (EcoWebServer III) MES3-255C-EN Default Credentials

February 28, 2014

The Mitsubishi Energy Saving Data Collecting Server (EcoWebServer III) MES3-255C-EN uses several default credentials according to the manual. These require local access for the software and do not appear to work for the web server.

Enter the maintenance password (factory setting: ecopass) in the Password field, and click the [Change] button.

Writing the project via LAN
Select the [Write in this product via LAN.] radio button, and input the login ID and password for system administration in the [Login ID] and [Password] text boxes respectively.
(The default login ID and password are “ecoV” and “ecopass“.)

Reading the project via LAN
Select the [Read from this product via LAN.] radio button, and input the login ID and password for system administration in the [Login ID] and [Password] text boxes respectively.
(The default login ID and password are “ecoV” and “ecopass“.)

Checking the project via LAN
Select the [ Via Ethernet.] radio button, and input the login ID and passwordfor system administration in the [Login ID] and[Password] text boxes respectively.
(The default login ID and password are “ecoV” and “ecopass“.)

Changing the data acquisition login ID and password
The following describes the steps for changing the data acquisition login ID and password.
* The default data acquisition login ID and password are “guest” and “user“, respectively.
(The default system administration login ID and password are “ecoV” and “ecopass“, respectively.)

Dedicated Micros Eco Range 9/16 DVR Units Default Credentials

February 22, 2014

The Dedicated Micros Eco Range Eco 9 and Eco 16 DVR units contain several default passwords or unpassworded access according to the user manual.

Default PPP password

Once the remote computer has been configured to dial-up to the Eco, enter the PPP_Link2 IP address that was allocated to the port on the unit to make a remote dial up connection.
NOTE: The IP address used to dial in to the unit is the IP address used for PPP_Link2. The PPP IP address used in System Options->Network Settings->PPP Selection is the base PPP IP Address. The dial in address is one greater than this. Ie if the PPP IP address is defined as “10.0.0.1”, the PPP IP address required to connect to the unit is “10.0.0.2”.
The unit will request a username and password, as defined in the ‘profiles’ configuration file. The default settings are ‘username’ and ‘password’.

Installation / Menu System

User Password
A password can be set to prohibit unauthorised access to the menu systems. The default setting is Off.

Web Access

If a password has been configured it will be necessary to enter the Username and Password information to gain access to the unit. The default user name and password are dm and web.

Mitsubishi eWON COSY141 Web Interface Default Admin Credentials

February 21, 2014

The Mitsubishi eWON COSY141 installs with default admin credentials for the web interface according to the manual.

Configure the Cosy
a. Launch your internet browser and type the COSY’s LAN IP address into the address bar.
Note: Default username/password = adm

Trafficware ATMS.now Default Credentials

February 20, 2014

Trafficware’s ATMS.now contains a default account and credentials according to the manual.

Your system administrator should provide you with your user name and password. The installation assigns a
default user with a user-name “naztec” and password “naztec”, which could be retained for training and factory
upgrade purposes. It is recommended that this default login be removed for security and the system
administrator should provide a permanent, secure login for system updates and access.

“ATMS.now is an Advanced Traffic Management System (ATMS) capable of monitoring and controlling thousands of intersection controllers using state-of-the art architectures like TCP/IP and NTCIP.”

PIPS Technology AUTOPLATE Automatic License Plate Recognition (ALPR) Multiple Vulnerabilities

February 19, 2014

PIPS Technology AUTOPLATE is a license plate recognition system used by law enforcement (Shodan search) in stop light camera systems. “PIPS Technology ALPR processors are complete one-box processors for automatic licence plate recognition (ALPR).” By default these devices offer a telnet connection for management that does not require authentication!

They also have a series of default accounts and / or passwords:

Component – Account – Password
html – root – ?
pdb – wl_test – wl_test
ves – vesstore – vesstore
jpeg – ftp_boot – ftp_boot

With the html component credentials you can access the web server for information about the camera’s capture statistics:

http://1.2.3.4/cgiC/capture%20st$ats

Camera 1
fields: 1038585
images: 0
plates: 0
reads : 0
good : 0

Camera 2
fields: 1787601
images: 36781
plates: 5440
reads : 1283
good : 1269

Here is a partial log of what the command interface looks like:

Script started on Tue Nov 19 10:27:32 2013
df$ telnet 1.2.3.4
Trying 1.2.3.4…
Connected to 1.2.3.4.
Escape character is ‘^]’.

ATZ
P372 application Apr 13 2010 12:29:02
P372 Serial Number: 1234
pcb:1, vers:03, rel:x06, build:3145
RAM: 128M @ 128M EPROM: 512k
Flex vers: 16.0, capabilities 003f
Camera firmware: 4.34
362 epld vers: 13
ANPR enabled for: USA Louisiana
Operating system: C EXECUTIVE 3.3
eprom image checksum: 1408
application crc: 4714
current config crc: 1434
reference config crc: 1434
* Installed options: 00200018
* … Compact Flash
* … Basic VES with no security
* … USA Licenceplate recognition
* PIPS Technology AUTOPLATE ™ license plate recognition
* VES – (violation enforcement system)
>>system show
system
flex: flash;3722acyc.z16
exposure: mem:/expose.cnf
startup: mem:/startup.scr
time_server: 2.3.4.5
alt_time_server: 10.1.1.1
font8: flash;font_8.8k
font16: flash;font_16.32k
route: ves
access_list: mem:/access.txt
sntp_enable: 0×13
daytime_port: 0
time_zone: -6
time_poll: 300
sntp_latency: 1000
sntp_window: 200
sntp_debug: 0
sntp_max: 24
brownout: 125
powerdown: 5000
idle_time: 0
idle_mode: 0×7
plate_type: 1
plate_max: 120
plate_min: 50
t_enable: 0
t_period: 600
sio362_debug: 0
led_current: 7
ftp_debug: 0
tn_timeout: 600
access_debug: 0
cc_eds: 0
reload: 0
ping_mode: 1
ping_port: 10010
sysdump: 0
old_script: 1
* CMD:OK
>>active show
active
days:
start_1:
end_1:
start_2:
end_2:
enable: 0
debug: 0
* CMD:OK
>>client show
client
patch: 1
sum: 0
debug: 0
config: 0
threshold: 50
* CMD:OK

..

>>help
Available Commands are:
system
active
client
vf
jpeg
bmp
ves
anpr
log
pdb
capture
closeloop
trigger
ves diag
ves exc
html
mbip
mail
net
key
dump
show
set
clear
barcode
help
install
test
camera
ftp
reset
shutdown
exit
flash
flex
fs
encrypt
sleep
rtelnet
snap
trap
script
ping
jam
option
ata
cld
dir
ls
md
rd
rm
del
ren
cd
check
copy
cmp
type
cat
mkfs
partition
scan
creat
image
make
destroy
tail
gzip
gunzip
kermit
action
>>rtelnet
Require IP address and optional port parameters
>>trap show
not implemented
* CMD:ERROR 1
>>script show
cannot open script show on local disk
attempting to fetch script from server
script not found on server
* CMD:ERROR 1
>>ping
PING 1.2.3.4 (1.2.3.4): 56 data bytes
64 bytes from 1.2.3.4: icmp_seq=0 ttl=59 time=23 ms
64 bytes from 1.2.3.4: icmp_seq=1 ttl=59 time=32 ms
64 bytes from 1.2.3.4: icmp_seq=2 ttl=59 time=42 ms
64 bytes from 1.2.3.4: icmp_seq=3 ttl=59 time=31 ms

— 1.2.3.4 ping statistics —
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max = 14/54/42 ms
* CMD:OK
>>dir
mem:/
EVENT .OLD w—- 40790 bytes 19/11/2013 7:35:12
EVENT .LOG w—a 1706 bytes 19/11/2013 17:28:52
TIME .TXT w—a 11 bytes 19/11/2013 17:32:26
SYSTEM .INI w—a 4283 bytes 19/11/2013 7:35:20
EXPOSE .CNF w—a 190 bytes 4/05/2013 1:18:26
VES . w–d- dir 4/05/2013 1:19:06
OPENED . w—- 0 bytes 4/05/2013 1:19:10
SEQ . w—a 8 bytes 19/11/2013 17:31:10
ENTROPY .BIN w—a 112 bytes 19/11/2013 17:23:02
MONITOR .INI w—a 67 bytes 16/10/2013 15:33:56
ACCESS1 .DEF w—a 526 bytes 19/11/2013 17:20:54

10 files, 1 subdirectory. Total Disk Capacity: 2048 k, Total shown here: 46 k
* CMD:OK
>>type event.log
19-Nov-2013 07:35:12:(9) ( start), EVENT LOG START UP
19-Nov-2013 07:35:12:(6) ( start), trimming 23 lines from event log history
19-Nov-2013 07:35:12:(9) ( start), integrity: 40 seconds since last update
19-Nov-2013 07:35:12:(6) ( mon_temp), no temperature sensor
19-Nov-2013 07:35:12:(9) ( start), access control list not present
19-Nov-2013 07:35:12:(9) ( start), software options: 00200018
19-Nov-2013 07:35:16:(9) ( start), Hardware JPEG Chip 1 software option not present
19-Nov-2013 07:35:16:(9) ( start), Hardware JPEG Chip 2 software option not present
19-Nov-2013 07:35:17:(6) ( start), sync set to: 625
19-Nov-2013 07:35:17:(9) ( stream), Platform will not support streaming video
19-Nov-2013 07:35:17:(9) ( ves), Software options set are not compatable with encryption or context capture
19-Nov-2013 07:35:17:(9) ( vid_events), VIDEO: P372 twin video input process starting

..

>>cat system.ini
[net]
mask=255.255.255.224
bcast=192.200.200.255
gateway=1.2.3.1
script=mem:/net01.scr
speed=0

..

telnet> close
Connection closed.
df$ exit
exit

Script done on Tue Nov 19 10:33:06 2013


Follow

Get every new post delivered to your Inbox.

Join 772 other followers