Hacking la fonera... part III
La fonera, that fully tivo-ified (as rms would say :)) wifi accesspoint by fon was hacked two (now three:)) times, and it has always been patched very quickly.The last one that was discovered here with a nice tutorial here, was fixed on the 0.7.1 version of their firmware, but there is still a very similar hole in the webform still about unescaped evil characters...
Just replace "/usr/sbin/iptables -I INPUT 1 -p tcp --dport 22 -j ACCEPT" and "/etc/init.d/dropbear" in step1.html and step2.html with "$(/usr/sbin/iptables -I INPUT 1 -p tcp --dport 22 -j ACCEPT)" and "$(/etc/init.d/dropbear)"
Once done this follow the instructions of the last method straightforward...
Now, it will be surely fixed in the next version and you know what? I hope that it will be fixed, because it's a very serious security problem, but it's very sad that everything it's becoming more and more broken by design, so pleeeeease fon, open that ssh by default and we will all looove you :)
Re
I guess that people should sit relaxed, simply because the best writing services can assist to create the custom comparison essay of top quality.
needa
i want to have this software
Re: :S
ElNota, this hack works with the 7.1.1-r1.
For the 7.0.1-r1 have a look to http://bingobommel.blogspot.com/
BTW, after enabling the ssh port, the username is "root" and password is "admin".
0.7.1 r1
I just change the target site and it works now on the 0.7.1 r1. I sumed up it and wrote a small howto: http://blog.blase16.de/2006/11/28/Hacking-Fonera
:S
This doesn´t seems to work now, with the 7.0.1 rc1. Nice try.
Blog
software
graphics
music
all the rest 