Given Mirai malware was interested in my vulnerability and found the password on a russian web site (thanks google translate). If I can figure it out then the "bad guys" already have it. Therefore I feel comfortable sharing so folks can actually do something about it (i.e. change the password)
login: root
password: 2011vsta
on a windows 10 machine, used Putty
Host name: 192.168.0.192
Connection type: Telnet
Port: 23
typing in busbox at the # lists available functions
use chpasswd to change password
# chpasswd (enter chpasswd at #)
root:newpassword (on blank line enter root:'newpassword'
should get response
Password for 'root' changed
hit enter and ignore the message
chpasswd: missing new password
1 comment:
This usually doesn't survive a reboot... If yours did you are lucky...
Also with these things an insecure telnet server is probably the least of your worries... They often have a ton of other things that let you get credentials and run things as root via the web interface...
Post a Comment