Results 1 to 7 of 7

Thread: 2wire password vulnerability

  1. #1
    Member
    Join Date
    Jan 2008
    Posts
    194

    Default Posting of 2wire vulnerability permissible?

    What are the rules here concerning the posting of hardware vulnerabilities? Specifically a 2wire vulnerability? I see it as another motivation for those to get away from WEP (though the vul. has nothing to do with WEP).

  2. #2
    Developer
    Join Date
    Mar 2007
    Posts
    6,124

    Default

    You may post that sort of thing in general IT.

  3. #3
    Member
    Join Date
    Jan 2008
    Posts
    194

    Default

    Thanks for the direction.

  4. #4
    Member
    Join Date
    Jan 2008
    Posts
    194

    Default 2wire password vulnerability

    If you need any more motivation to move away from WEP, here's one for you:

    Associate with the 2wire AP and use the following:

    gateway.2wire.net/xslt?PAGE=H04_POST&PASSWORD=admin&PASSWORD _CONF=admin

    The kicker here is that you DON'T need to know the original password to change the router password. The above command will change the password to "admin"
    and then redirect you to the router setup page. Just exit out of the setup and you're golden. Worked great on the 2wire I'm responsible for.

    File this in the "what to do after I've cracked the WEP key" section...

    EDIT: oh and here's the source: http://www.securityfocus.com/bid/27516/info

  5. #5

    Default

    Cool. Thanks for that. If I ever get one, I'll try and remember this :P

    -Stephen

  6. #6
    Member
    Join Date
    Jan 2008
    Posts
    194

    Default

    Where I live (midwest), AT&T is a big carrier and hand out those 2wires. Makes sniffing stupidly easy. Let's just say I consult a lot with friends and family on their LAN security

  7. #7

    Default

    Lucky for them hey

    -Stephen

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •