<body><script type="text/javascript"> function setAttributeOnload(object, attribute, val) { if(window.addEventListener) { window.addEventListener('load', function(){ object[attribute] = val; }, false); } else { window.attachEvent('onload', function(){ object[attribute] = val; }); } } </script> <div id="navbar-iframe-container"></div> <script type="text/javascript" src="https://apis.google.com/js/platform.js"></script> <script type="text/javascript"> gapi.load("gapi.iframes:gapi.iframes.style.bubble", function() { if (gapi.iframes && gapi.iframes.getContext) { gapi.iframes.getContext().openChild({ url: 'https://draft.blogger.com/navbar.g?targetBlogID\x3d7134549\x26blogName\x3dJonathan\x27s+Liverstone\x26publishMode\x3dPUBLISH_MODE_BLOGSPOT\x26navbarType\x3dBLUE\x26layoutType\x3dCLASSIC\x26searchRoot\x3dhttps://liverstone.blogspot.com/search\x26blogLocale\x3den_GB\x26v\x3d2\x26homepageUrl\x3dhttp://liverstone.blogspot.com/\x26vt\x3d-3181951560992862409', where: document.getElementById("navbar-iframe-container"), id: "navbar-iframe", messageHandlersFilter: gapi.iframes.CROSS_ORIGIN_IFRAMES_FILTER, messageHandlers: { 'blogger-ping': function() {} } }); } }); </script>
Jonathan's Liverstone

A place of Bile & other Humours.

BlogRoll

Links
Google
Aardvark
Scoop
Arts & Letters

Bloglines Blogroll feed currently *broken*

Subscribe to
Posts [Atom]bloglines

 

Listed on Blogwise
Who Links Here

This page is powered by Blogger. Isn't yours?

Security by Obscurity  

This posting on Bugtraq clearly demonstrates the stupidity of relying on obscurity to protect a default backdoor in internet equipment.
I was playing with a
Dynalink RTA 230 (http://www.dynalink.co.nz/products/rta230.htm), a linux
based mips-cored adsl router. Looking at embedded linux system, i've found something like a backdoor:

# cat /etc/passwd
admin:xxxxx(obscured)xxxxx:0:0:Administrator:/:/bin/sh
userNotUsed:YNf8oSCwK/0/Y:0:0:Technical Support:/:/bin/sh

Then forced the pass with John:

root@sbongaz:~/john-1.6/run# ./john passwd -show
userNotUsed:userNotU:0:0:Technical Support:/:/bin/sh

the first user is the administration account also used by http config center;
the second entry in passwd is not visible or modificable from the user config center. Luckly access to the http config center and telnet shell is blocked (not enabled by default) from outside the lan.

When will they ever learn that there is no substitute for real security ... and you can't hide backdoors.

Posted by the denizen @  9/15/2004 01:07:00 pm }
Back to Top

0 Comments:

Post a Comment

Back to Jonathan's Liverstone

Disclaimer: (I stole this from Internal Affairs.)
All links and references to other websites, organisations or people not within my control are provided for the user's convenience only, and should not be taken as endorsement of those websites, or of the information contained in those websites, nor of organisations or people referred to. I also do not implicitly or impliedly endorse any website, organisation or people who have off-site links to this website.
... But then again; I only link to sites 'cos I see something there that's worth linking to.