| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 15 Jul 2003 23:44:48 +0100 From: cw <security@...ei.co.uk> To: <bugtraq@...urityfocus.com> Subject: Re: Asus AAM6000EV ADSL Router Wide Open Hi all, I was looking into the info provided by Michael Renzmann where he said: "The same data can be accessed by telnetting to the device and choosing the menu-path "System Maintenance / User Maintenance / List User" (6/5/4)." On the AAM6000EV, the "User Maintenance" option is not under System Maintenance and I haven't spotted it anywhere else (though I haven't searched in depth). What I did notice was that after using the web vulnerability to get the router username and password, an attacker could then go on to get the username and password for the internet account that the router is configured to use, hence potentially giving access to email and other services. Use the menu path "System Maintenance > View All Configuration" (6,1) Scan through the output for the following section: Module 'ppp': Then look for the following line 1 welogin username password logintype In the UK this can be very useful. People using BT ADSL will have a username that is username@...ain.tld, for example a Freeserve user would likely be username@...eserve.co.uk So not only does this allow you to get router access, but further poor configuration allows you to get all the details you need to access the hosts internet account.
Powered by blists - more mailing lists