... kaneda.bohater.net ...

kanedaaa... ... borys ... bohater ...

slackware - pakiety

faq

security

public

art

+ Subject:
BeThere ISP backdoor (small research)

+ Version:
2007.02.23

+ Test by:
Kanedaaa: http://kaneda.bohater.net

+ Description:
After read this article: http://blogs.securiteam.com/index.php/archives/826
I made some small research and its what I found:
ISP Range:
xxx.xxx.*.*
[about 16384]

Open 23 port [count]:
15692

Open 23 port with backdoor default BeTech username and password [count]:
14906 !!!

Type:
SpeedTouch 780: 10800
SpeedTouch 716: 4105
SpeedTouch 5x6: 1

Firmware:
6.1.4.3 : 10784
5.4.4.1 : 2090
5.3.2.6.0 : 901
5.3.4.2.0 : 845
6.1.4.6 : 203
5.4.0.11 : 63
6.1.7.2 : 14
6.1.9.6 : 2
5.4.0.14 : 2
5.3.4.1.0 : 2

They should fix it IMHO.

Btw: Iam aware when someone put some new IE 0day bug and redirect DNS on routers to his site [some microsoft.com, google.com, yahoo.com redirectors]

Timeline:
2007.02.23 Test start
2007.02.24 Details sent to http://bethere.co.uk/ via WWW form.

Original Advisory: http://kaneda.bohater.net/security/20070223-BeThere_isp_backdoor-small_router_research.php

Check my other bugs in security section: Security