Results 1 to 3 of 3
  1. #1
    Newbie tonykitzky's Avatar
    Join Date
    Jun 2019
    Posts
    2

    Default Root access to eSoft Instagate UTM appliance

    Is anybody familiar with hacking an eSoft Instagate UTM appliance? I am in need of assistance in gaining root access via ssh to one.

    I am supporting network upgrades for a client and ran across this UTM appliance. They are still using an Instagate as their email platform... they use nothing else on this appliance, just email. (I know. I know. Trust me... I know.)

    So now I'm fixing one email trouble after another for this customer, some with improper config on the appliance and other problems with DNS records on their domain.

    Last trouble is with sending email to a few particular domains. It appears to be a corrupt Exim "retry database" that I could easily troubleshoot if I had root access.

    I have enabled remote support and local administrators in the gui (of course). I selected my local account as administrative user. I've rebooted the appliance.

    I can access ssh and even login using my local credentials. I get a login messaging about "only qualified Technical Support engineers should use the remote login interface", and then it immediately kicks me out! Damn it! So close.

    I am not able to login using admin or root with the admin web gui credentials.

    I've stumbled across the TI.conf file in the system backup archive. That file references some REMOTE_SUPPORT_ALLOWED_RESERVED network prefixes. So... I updated my Client VPN network on the local Meraki gateway to one of those prefixes listed. I still cannnot login. I see my last login IP is an IP that falls into the REMOTE_SUPPORT networks. I guess that's isn't anything.

    My last option if I cannot get ssh login working is to crack the case, remote the hard drive and mount it in a different Linux system. I'll be able to do whatever I want then but that is way more invasive than this "network" guy wants to go. Plus this box is a seven hour one-way drive from my house.

    I'm looking for a lifeline here. If anybody has logged into an Instagate appliance via ssh, I'd love to hear about it.

  2. #2
    Master Untangler cblaise's Avatar
    Join Date
    Jul 2014
    Location
    Burlington, VT
    Posts
    133

    Default

    Yeah, if I remember each unit had a unique root password that support had to generate via a local app when they received calls.

    Can't offer any help beyond physically mounting via another Linux system and changing the root password via chroot.

  3. #3
    Newbie tonykitzky's Avatar
    Join Date
    Jun 2019
    Posts
    2

    Default

    Ahhh... That would explain why esoft techs would need the Admin password.

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2