Eurocardsharing

Go Back   Eurocardsharing > Sharing receivers > DreamBox > Chat

Chat Discussion, *Important* Major Security flaw in Dreambox at DreamBox forum; As the title says...it is a MAJOR security flaw in Dreambox. I read a lot of members that get there ...

Reply
 
LinkBack Thread Tools Display Modes
*Important* Major Security flaw in Dreambox
Old
  (#1)
Ramad
Donator
 
Ramad's Avatar
 
Offline
Posts: 283

Level: 15 [♥ Bé-Yêu ♥♥ Bé-Yêu ♥♥ Bé-Yêu ♥♥ Bé-Yêu ♥♥ Bé-Yêu ♥]
Life: 0 / 368
Magic: 94 / 10360
Experience: 73%

Thanks: 39
Thanked 554 Times in 91 Posts
Join Date: May 2008
*Important* Major Security flaw in Dreambox - 28-September-2008, 23:35

As the title says...it is a MAJOR security flaw in Dreambox.

I read a lot of members that get there Dreambox hacked, even if they have changed there Dreambox password..in the few lines below you will find out why is that.

The flaw in the Dreambox happens only when a user does the followings :

1. The Dreambox get flashed to an image, it does not matter if the user flashes his Dreambox to a new image or just re-flashes his Dreambox to the existing image that the Dreambox already has.

2. The Dreambox get reset to the original Factory Settings, this option is located in the Dreambox Expert Setup under the main Setup menu.


The description of the flaw :

The Dreambox can be accessed using 2 passwords :


1. The original root password that all the new Dreamboxes have when shipped from the factory...the default root password is dreambox.


2. The root password that have been chosen by the user earlier in Telnet (if any), this password has been changed from the default password "dreambox" by the user when executing passwd in Telnet in order to change the default Dreambox password to a new password.


The FIX :

The fix is simple, by executing passwd in Telnet (using DCC for example) twice (you will get the message that the password does not match or has not been changed the first time), and that is AFTER the flashing or re-flashing of the Dreambox is complete, and when the password is changed, the Dreambox will then only grant access to the connection that uses the new password that have been chosen by the user.


I found about this flaw in my DM600 and in my friends DM500 and the flaw is present in Gemini 4.5, Nabilo DarkstarII and PLI Jade so I guess that this flaw is present in every Dreambox that uses an Enigma1 image, I don't know about Dreamboxes that use Enigma2 so I would like to ask our members that have DM7025 and DM800 to provide there results regarding this flaw.


The bright side:

Now to the other side of this coin...

The bright side in this case is that you can recover the root password if you have forgotten it, by reseting your Dreambox or re-falshing your Dreambox and log in using the default root password, which is dreambox, and change it then to something that you can't forget..

Last edited by Ramad; 29-September-2008 at 07:15.. Reason: I love colors!!
   
Reply With Quote
The Following 11 Users Say Thank You to Ramad For This Useful Post:
artman (26-February-2009), aztek69 (15-January-2009), bayernmunich (05-September-2009), behmen (13-January-2009), Charly20 (18-October-2008), dietkinnie (07-January-2010), greg-cccam (03-November-2008), hacienda (19-October-2008), hist (24-February-2012), rfdomingos (28-July-2009), theblueirish (16-January-2009)
Old
  (#2)
CC_share
Special Friends
 
CC_share's Avatar
 
Offline
Posts: 1,446

Level: 32 [♥ Bé-Yêu ♥♥ Bé-Yêu ♥]
Life: 0 / 788
Magic: 482 / 25698
Experience: 55%

Thanks: 115
Thanked 2,717 Times in 468 Posts
Join Date: Oct 2006
Location: No GPS fix found, (are you inside a building?)
29-September-2008, 00:03

A good lesson to be learned from this.

Do NOT use telnet to access the dreambox from the internet or put the dreambox in the DMZ zone of you're router.


-------------------------------------------------------
DM7000 Running Nabilosat Darkstar II
Linux CardServer running Debian 5.0.2
I Hate people who steal my stuff
-------------------------------------------------------
All youre cards are belong to us

If you're happy with our board, Please consider making a donation HERE

Looking for Peers again. HERE

It's not a shame if you use the Thanks button
   
Reply With Quote
The Following User Says Thank You to CC_share For This Useful Post:
dietkinnie (07-January-2010)
Sponsored Links
Old
  (#3)
Ramad
Donator
 
Ramad's Avatar
 
Offline
Posts: 283

Level: 15 [♥ Bé-Yêu ♥♥ Bé-Yêu ♥♥ Bé-Yêu ♥♥ Bé-Yêu ♥♥ Bé-Yêu ♥]
Life: 0 / 368
Magic: 94 / 10360
Experience: 73%

Thanks: 39
Thanked 554 Times in 91 Posts
Join Date: May 2008
18-October-2008, 14:45

Quote:
Originally Posted by CC_share View Post
A good lesson to be learned from this.

Do NOT use telnet to access the dreambox from the internet or put the dreambox in the DMZ zone of you're router.
You are right CC, Telnet should only be activated when needed, then it must be disabled....however, this does not fix the problem, as the Dreambox FTP directories still can be accessed because of this flaw.
   
Reply With Quote
Old
  (#4)
emmanneil
Permanent Banned
 
emmanneil's Avatar
 
Offline
Posts: 51

Level: 5 [♥ Bé-Yêu ♥♥ Bé-Yêu ♥♥ Bé-Yêu ♥♥ Bé-Yêu ♥]
Life: 0 / 124
Magic: 17 / 3340
Experience: 97%

Thanks: 7
Thanked 9 Times in 8 Posts
Join Date: Oct 2008
27-October-2008, 13:16

how do i disable telnet ?
   
Reply With Quote
Old
  (#5)
Smurfer
Super Moderator
 
Smurfer's Avatar
 
Offline
Posts: 1,100

Level: 29 [♥ Bé-Yêu ♥♥ Bé-Yêu ♥♥ Bé-Yêu ♥♥ Bé-Yêu ♥]
Life: 0 / 703
Magic: 366 / 21504
Experience: 13%

Thanks: 869
Thanked 1,475 Times in 369 Posts
Join Date: Jun 2007
Location: Smurf Village
27-October-2008, 14:08

Quote:
Originally Posted by emmanneil View Post
how do i disable telnet ?
It is simple dont open ports on your router and change default Dreambox password. Close all your ports and open only port that you are using for sharing.
You can check do you have open ports here: Open Port Check Tool


...shortest ban in the history of the board...

Last edited by Smurfer; 27-October-2008 at 14:14..
   
Reply With Quote
Old
  (#6)
gboxing
Junior Member
 
gboxing's Avatar
 
Offline
Posts: 4

Level: 1 [♥ Bé-Yêu ♥]
Life: 0 / 5
Magic: 1 / 146
Experience: 21%

Thanks: 0
Thanked 0 Times in 0 Posts
Join Date: Oct 2008
Age: 52
03-November-2008, 22:00

is the changing of psswrd of dreambox is enough to be safe?
   
Reply With Quote
Old
  (#7)
Ramad
Donator
 
Ramad's Avatar
 
Offline
Posts: 283

Level: 15 [♥ Bé-Yêu ♥♥ Bé-Yêu ♥♥ Bé-Yêu ♥♥ Bé-Yêu ♥♥ Bé-Yêu ♥]
Life: 0 / 368
Magic: 94 / 10360
Experience: 73%

Thanks: 39
Thanked 554 Times in 91 Posts
Join Date: May 2008
03-November-2008, 22:59

Quote:
Originally Posted by gboxing View Post
is the changing of psswrd of dreambox is enough to be safe?
You are never safe when connected to the internet, but doing so can make it safer..
   
Reply With Quote
Old
  (#8)
pietpukkel
Junior Member
 
pietpukkel's Avatar
 
Offline
Posts: 3

Level: 1 [♥ Bé-Yêu ♥]
Life: 0 / 2
Magic: 1 / 71
Experience: 10%

Thanks: 1
Thanked 0 Times in 0 Posts
Join Date: Dec 2008
Age: 47
24-December-2008, 00:42

I have tried it on my DM7000 but I do not seem to be able to access the box with the default password after having changed the password the first time.
   
Reply With Quote
Old
  (#9)
tarin
Junior Member
 
tarin's Avatar
 
Offline
Posts: 10

Level: 2 [♥ Bé-Yêu ♥]
Life: 0 / 25
Magic: 3 / 652
Experience: 0%

Thanks: 0
Thanked 2 Times in 2 Posts
Join Date: Jan 2009
Age: 51
12-January-2009, 21:02

telnet from 192.168... - ok
telnet from xxx.no-ip.com - nok
   
Reply With Quote
Old
  (#10)
tobox
Junior Member
 
tobox's Avatar
 
Offline
Posts: 2

Level: 1 [♥ Bé-Yêu ♥]
Life: 0 / 0
Magic: 0 / 19
Experience: 2%

Thanks: 0
Thanked 0 Times in 0 Posts
Join Date: Mar 2008
26-February-2009, 18:15

On my DM800, I could not reproduce this. Does this still affect current boxes with current Geminis (4.1)?

TOBox
   
Reply With Quote
Reply

Bookmarks

Tags
*important*, dreambox, flaw, major, security


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off

Forum Jump



ECS on RSS ECS on Twitter ECS on Facebook ECS on Youtube
Follow us on:

Powered by vBulletin
Copyright 2002 - 2010, Jelsoft Enterprises Ltd.
SEO by vBSEO ©2011, Crawlability, Inc.
Dreambox