[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] EE BrightBox router hacked - bares all if you ask nicely

To: Scott Helme <scotthelme@xxxxxxxxxxx>
Subject: Re: [Full-disclosure] EE BrightBox router hacked - bares all if you ask nicely
From: Jeffrey Walton <noloader@xxxxxxxxx>
Date: Thu, 16 Jan 2014 13:26:24 -0500

On Wed, Jan 15, 2014 at 3:28 PM, Scott Helme <scotthelme@xxxxxxxxxxx> wrote:
> The BrightBox router is the standard equipment issued by UK ISP Everything
> Everywhere (EE) to its subscribers.
>
> The device not only leaks sensitive data but is remotely exploitable too. An
> attacker even has the ability to take control of your account as the router
> leaks your ISP account credentials.
>
> You can read the full article here:
> https://scotthelme.co.uk/ee-brightbox-router-hacked/
To add insult to injury, they are probably using a hard code public
key pair, and its probably in the littleblackbox
(http://code.google.com/p/littleblackbox/).

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] EE BrightBox router hacked - bares all if you ask nicely
  - From: Scott Helme

Prev by Date: Re: [Full-disclosure] EE BrightBox router hacked - bares all if you ask nicely
Next by Date: Re: [Full-disclosure] EE BrightBox router hacked - bares all if you ask nicely
Previous by thread: Re: [Full-disclosure] EE BrightBox router hacked - bares all if you ask nicely
Next by thread: [Full-disclosure] [HITB-Announce] #HITB2014AMS Call for Papers - FINAL CALL
Index(es):
- Date
- Thread