Tale of a little pixel

Hacking la fonera... part III

La fonera, that fully tivo-ified (as rms would say :)) wifi accesspoint by fon was hacked two (now three:)) times, and it has always been patched very quickly.
The last one that was discovered here with a nice tutorial here, was fixed on the 0.7.1 version of their firmware, but there is still a very similar hole in the webform still about unescaped evil characters...
Just replace "/usr/sbin/iptables -I INPUT 1 -p tcp --dport 22 -j ACCEPT" and "/etc/init.d/dropbear" in step1.html and step2.html with "$(/usr/sbin/iptables -I INPUT 1 -p tcp --dport 22 -j ACCEPT)" and "$(/etc/init.d/dropbear)"
Once done this follow the instructions of the last method straightforward...
Now, it will be surely fixed in the next version and you know what? I hope that it will be fixed, because it's a very serious security problem, but it's very sad that everything it's becoming more and more broken by design, so pleeeeease fon, open that ssh by default and we will all looove you :)

Re

I guess that people should sit relaxed, simply because the best writing services can assist to create the custom comparison essay of top quality.

Sent from GEENA20 (Anonimous) on 05/02/2010 at 13:40:28

needa

i want to have this software

Sent from safiullah (Anonimous) on 29/07/2009 at 8:14:26

Re: :S

ElNota, this hack works with the 7.1.1-r1.

For the 7.0.1-r1 have a look to http://bingobommel.blogspot.com/

BTW, after enabling the ssh port, the username is "root" and password is "admin".

Sent from err (Anonimous) on 04/12/2006 at 14:51:23

0.7.1 r1

I just change the target site and it works now on the 0.7.1 r1. I sumed up it and wrote a small howto: http://blog.blase16.de/2006/11/28/Hacking-Fonera

Sent from kalkin (Anonimous) on 28/11/2006 at 23:23:43