kaneda@bohater.net

+ Subject:
BeThere ISP backdoor (small research)

+ Version:
2007.02.23

+ Test by:
Kanedaaa: http://kaneda.bohater.net

+ Description:
After reading this article: http://blogs.securiteam.com/index.php/archives/826
I did some small research, and this is what I found:
ISP Range:
xxx.xxx.*.*
[about 16384]

Port 23 open [count]:
15692

Port 23 open with the default BeTech backdoor username and password [count]:
14906 !!!

Type:
SpeedTouch 780: 10800
SpeedTouch 716: 4105
SpeedTouch 5x6: 1

Firmware:
6.1.4.3 : 10784
5.4.4.1 : 2090
5.3.2.6.0 : 901
5.3.4.2.0 : 845
6.1.4.6 : 203
5.4.0.11 : 63
6.1.7.2 : 14
6.1.9.6 : 2
5.4.0.14 : 2
5.3.4.1.0 : 2

They should fix it IMHO.

Btw: I am aware when someone puts some new IE 0day bug and redirects DNS on routers to his site [some microsoft.com, google.com, yahoo.com redirectors]

Timeline:
2007.02.23 Test start
2007.02.24 Details sent to http://bethere.co.uk/ via WWW form.

Original Advisory: http://kaneda.bohater.net/security/20070223-BeThere_isp_backdoor-small_router_research.php
