Does My Sb6141 Have a Backdoor Login Updated FREE
Does My Sb6141 Have a Backdoor Login
Double Backdoor Exposed In Arris Cable Modems
Bernardo Rodrigues, a Brazilian security researcher, said that he uncovered non 1, simply two backdoors in some Arris cable modems ( TG862A, TG862G, DG860A) . Over 600,000 cable customers are afflicted by this, and co-ordinate to Rodrigues, the vendor hasn't committed to fixing the software flaws yet. Arris cablevision modems are used by some of the largest U.S. ISPs, including Comcast, Time Warner Cablevision, Charter and Cox.
The firmware of the cable modems in question came with an undocumented "libarris_password.and so" library that acted as a backdoor by allowing privileged account logins with a different custom password for each day of the year. This backdoor actually dates to 2009, just Arris never fixed information technology.
When users or attackers exploit this backdoor, they can admission the modem through SSH or Telnet ports over a hidden HTTP authoritative interface. The default password for the SSH user "root" is "arris." When SSH or Telnet sessions were created, the organization launched a "mini_cli" vanquish that asked for the backstairs'south password.
While the researcher was analyzing the backstairs, he discovered that there was another backdoor inside the first backdoor. This 2nd backdoor could exist accessed through SSH/Telnet by using the last v digits of the modem's serial number every bit its password. In one case accessed, a full busybox session is opened, giving the attackers fifty-fifty more capabilities.
Rodrigues was asked past the vendor not to disclose the password generating algorithm, merely he didn't think this will do much to irksome down attackers, because the extent of the vulnerabilities in these Arris cable modems.
"I'm pretty sure bad guys had been exploiting flaws on these devices for some time (just search for ARRIS DNS on Twitter, for case)," said Rodrigues.
Rodrigues reported the vulnerabilities to the CERT/CC, a major eye for addressing Net security problems that's funded by the U.S. federal government, which has a policy of waiting 45 days before software bugs are disclosed to the public. The researcher and CERT/CC have already waited more than 65 days for Arris to fix the problem, only that hasn't happened all the same, which is why the researcher is at present making it all public.
Rodrigues believes that if modem software tin can't be open up sourced and so everyone could audit the software in their modems, equally Vint Cert and others recently suggested , then researchers should at least exist allowed to contrary-engineer modem firmware. This manner, white chapeau security experts could observe and help prepare more security problems in our modems without being potentially liable to lawsuits against them by the modem companies who don't desire their vulnerabilities exposed.
______________________________________________________________________
Lucian Armasu joined Tom'due south Hardware in early on 2014. He writes news stories on mobile, chipsets, security, privacy, and anything else that might be of interest to him from the applied science world. Outside of Tom'due south Hardware, he dreams of becoming an entrepreneur.
You can follow him at @lucian_armasu . Follow u.s.a. on Facebook , Google+ ,RSS,TwitterandYouTube.
Does My Sb6141 Have a Backdoor Login
DOWNLOAD HERE
Source: https://www.tomshardware.com/news/double-backdoor-arris-cable-modems,30620.html
Posted by: nelsontyrdeed.blogspot.com