Eurocardsharing

Go Back   Eurocardsharing > Sharing receivers > DreamBox > Chat

Chat Discussion, *IMPORTANT* Security bug in DM800 images! *IMPORTANT* at DreamBox forum; in dreambox enigma webinterface there is a major security flaw: 1. you can access without password (evenif you have changed ...

Reply
 
LinkBack Thread Tools Display Modes
*IMPORTANT* Security bug in DM800 images! *IMPORTANT*
Old
  (#1)
hamster08
Banned as Payserver
 
hamster08's Avatar
 
Offline
Posts: 877

Level: 26 [♥ Bé-Yêu ♥♥ Bé-Yêu ♥]
Life: 0 / 637
Magic: 292 / 17675
Experience: 49%

Thanks: 194
Thanked 256 Times in 182 Posts
Join Date: Aug 2008
*IMPORTANT* Security bug in DM800 images! *IMPORTANT* - 28-December-2008, 01:23

in dreambox enigma webinterface there is a major security flaw:
1. you can access without password (evenif you have changed your root password)

2. in EXTRA => FILE BROWSER, anyone can look at ALL the files on your dreambox, including your CCcam.cfg file for example!

Please either don't connect your dreambox directly onto the net (and rather use a port forwarding to redirect your sharing ports) or change an image which allows you to protect the webinterface
   
Reply With Quote
The Following 3 Users Say Thank You to hamster08 For This Useful Post:
Candyghost (11-February-2009), greg-cccam (09-April-2009), winston99 (28-December-2008)
Old
  (#2)
fortis321
Senior Member
 
fortis321's Avatar
 
Offline
Posts: 111

Level: 9 [♥ Bé-Yêu ♥]
Life: 0 / 213
Magic: 37 / 6794
Experience: 55%

Thanks: 7
Thanked 9 Times in 7 Posts
Join Date: Apr 2007
28-December-2008, 19:29

thanks but do u think that Gemini doesnt have this bug ?
   
Reply With Quote
Sponsored Links
Old
  (#3)
hamster08
Banned as Payserver
 
hamster08's Avatar
 
Offline
Posts: 877

Level: 26 [♥ Bé-Yêu ♥♥ Bé-Yêu ♥]
Life: 0 / 637
Magic: 292 / 17675
Experience: 49%

Thanks: 194
Thanked 256 Times in 182 Posts
Join Date: Aug 2008
28-December-2008, 19:30

the gemini i have seen have the following added protection:
1. the http server is password protected (same as root)
2. the files are not browsable via the interface

cheers
   
Reply With Quote
The Following User Says Thank You to hamster08 For This Useful Post:
fortis321 (29-December-2008)
Old
  (#4)
DrPepper
Banned as Payserver
 
DrPepper's Avatar
 
Offline
Posts: 71

Level: 7 [♥ Bé-Yêu ♥♥ Bé-Yêu ♥♥ Bé-Yêu ♥♥ Bé-Yêu ♥♥ Bé-Yêu ♥]
Life: 0 / 158
Magic: 23 / 4725
Experience: 34%

Thanks: 4
Thanked 6 Times in 5 Posts
Join Date: Dec 2007
28-December-2008, 23:13

The only one who does not have the security bug is the Nabilo image
   
Reply With Quote
Old
  (#5)
hamster08
Banned as Payserver
 
hamster08's Avatar
 
Offline
Posts: 877

Level: 26 [♥ Bé-Yêu ♥♥ Bé-Yêu ♥]
Life: 0 / 637
Magic: 292 / 17675
Experience: 49%

Thanks: 194
Thanked 256 Times in 182 Posts
Join Date: Aug 2008
08-January-2009, 14:10

Quote:
Originally Posted by DrPepper View Post
The only one who does not have the security bug is the Nabilo image
It seems that nabilo also has this problem

ALL those who have their routers set to DMZ (i think that's what its called): i.E all incoming requests routed to the dreambox, and are running nabilo v0.6 on thier dm800: BEAWARE! anyone can access teh full content of your files and download your CCcam.cfg

furthermore, they can also download your passwd file and just do a bruteforce to find your root password!

I still keep getting peers who upgrade and don't close this:

1. either disable your web server on the dreambox
2. or fix your routing: do not route port 80: ONLY your cccam port needs routing


cheers!
   
Reply With Quote
The Following 2 Users Say Thank You to hamster08 For This Useful Post:
forko (11-January-2009), scorer (09-January-2009)
Old
  (#6)
scorer
Permanent Banned
 
scorer's Avatar
 
Offline
Posts: 35

Level: 4 [♥ Bé-Yêu ♥♥ Bé-Yêu ♥♥ Bé-Yêu ♥]
Life: 0 / 92
Magic: 11 / 2521
Experience: 68%

Thanks: 7
Thanked 4 Times in 3 Posts
Join Date: Oct 2008
09-January-2009, 03:24

hamster thank you very match only close the web interfece from your box!
   
Reply With Quote
Old
  (#7)
craig
Senior Member
 
craig's Avatar
 
Offline
Posts: 109

Level: 9 [♥ Bé-Yêu ♥]
Life: 0 / 211
Magic: 36 / 5855
Experience: 45%

Thanks: 1
Thanked 9 Times in 9 Posts
Join Date: Aug 2008
25-February-2009, 19:04

i was hacked this way pli jade ,
how do i close the web interface ??
either disable your web server on the dreambox???? how is the way to do this please..
   
Reply With Quote
Old
  (#8)
hamster08
Banned as Payserver
 
hamster08's Avatar
 
Offline
Posts: 877

Level: 26 [♥ Bé-Yêu ♥♥ Bé-Yêu ♥]
Life: 0 / 637
Magic: 292 / 17675
Experience: 49%

Thanks: 194
Thanked 256 Times in 182 Posts
Join Date: Aug 2008
25-February-2009, 19:12

don't put the dreambox on the dmz of your router
just portforward ur cccam ports and that's all you need
this way the access to the webserver is disabled

i don't know if you can disable the webserver from the menu's, but you can either change password of your dreambox or go to telnet and kill the httpd processes

cheers
   
Reply With Quote
Old
  (#9)
craig
Senior Member
 
craig's Avatar
 
Offline
Posts: 109

Level: 9 [♥ Bé-Yêu ♥]
Life: 0 / 211
Magic: 36 / 5855
Experience: 45%

Thanks: 1
Thanked 9 Times in 9 Posts
Join Date: Aug 2008
25-February-2009, 19:14

thanks for quick repy my isp lock my router so cant port forward

can u give me some exact info on these procedures maybee the telnet code ?
will it open up again though on reboot ?
   
Reply With Quote
Old
  (#10)
hamster08
Banned as Payserver
 
hamster08's Avatar
 
Offline
Posts: 877

Level: 26 [♥ Bé-Yêu ♥♥ Bé-Yêu ♥]
Life: 0 / 637
Magic: 292 / 17675
Experience: 49%

Thanks: 194
Thanked 256 Times in 182 Posts
Join Date: Aug 2008
25-February-2009, 22:33

it will most likely open up after a reboot
but you can do this:
Code:
telnet <ip of your dreambox>
it will show up
Quote:
dm800 login:
type in root as login
by default it doesn't ask you the password (if it does, just type password)
type
Quote:
ps | grep *inet*
it'll show the result
Quote:
[email protected]:~# ps | grep *inet*
23203 root 556 S grep *inet*
notice the pid
last, type in
Quote:
kill 23203
voila
you should have killed the web interface

cheers
   
Reply With Quote
Reply

Bookmarks

Tags
*important*, dm800, images!, security


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off

Forum Jump



ECS on RSS ECS on Twitter ECS on Facebook ECS on Youtube
Follow us on:

Powered by vBulletin
Copyright 2002 - 2010, Jelsoft Enterprises Ltd.
SEO by vBSEO ©2011, Crawlability, Inc.
Dreambox