Skip to main content

Oppsss… Linksys RTP300 VoIP router.

I just found a bug in the login script of the RTP300 Linksys VoIP router. The firmware is 1.00.55 version. This was just by accident. My password contains letters and numbers. I was typing too fast and at the end of my password I typed the wrong number. By the time my actions clicked in my hear I had already hit enter. And what do you know? I was able to log in. This caused me to think about this, so I tried few different combinations of passwords and this is what I discovered.

  1. If the passwords starts with letters and ends on number(s). As long as the letter part of the password is correct, when entered at the log in screen if the number(s) at the end is not included or mistyped the user will still be able to log in.

  2. If the password is all numbers or starts with numbers then the user will need the correct password.


It seems like if you have numbers at the end of your password, and even if you mistype them, you will still be able to log in if your password starts with a letter.

Linksys I think it is time for you guys to work on this.

Comments

  1. Well the linksys company should hire you and Hack the world You Phreaker.

    ReplyDelete
  2. Hehe, thanks bro. I would not mind it but I got better plans. :)

    BTW, I can sum up Linksys response to my e-mail in few words and they are: Thanks for the info! We will work on it!

    ReplyDelete

Post a Comment

Popular posts from this blog

Format MAC Address [JavaScript]

I am currently working on a project which will allow users to register their Wi-Fi enabled, non-web browser enabled, devices on the network. These are devices like printers, Apple TV, and Xbox*. One of the data points that have to be collected from the user is the device MAC address. The project customer wants that address to be properly formatted when they see it in the support ticket.

We have several options. We can format the address either on the back-end after the form has been submitted. Or we can format it on the front end via a separate text field for each character pair, but that is too many fields to handle. A better solution is to use a single field and format the user input at the time of input or upon submit. In those cases, the former is better because the data will already be formatted when the overall form input is being validation after the user clicks the “Submit” button.

We are going to format the user input as it is being provided, thus having proper data when vali…

How to setup Coda 2 to push to GitHub?

Setting up a new site in Coda 2 and cloning a GitHub remote repository is not that big of a deal. Where you will most likely run into problems is when you try to push your changes to the GitHub remote repository. Below I will show you how to update the Git config file in your local repository so you do not run into one of the following errors:
git push failed remote: Remote anonymous access to repository deniedgit push origin master Username: fatal: Could not read passwordThe GitHub repository address I am going to use is that of Source Code DNA: https://github.com/thetitan/sourcecodedna.git. I will assume that you have already setup your Coda 2 site profile and cloned your repository, you have made some changes, and now you are ready to push those changes to your projects GitHub repo.

SNOOZ: Sound. Sleep.

I was on the Snooz Kickstarter page today, revisiting the project’s details and timeline progress. The device, which is a white-noise generating machine, recently became available for pre-order. Snooz is meant to be an alternative to having a TV or a stationary fan running at bed time. In my case, I bought it for my wife so we can get the TV out of the bedroom.

Whilst on the comments page I read the following comment, posted recently by Ken Tran:

I'm not a fan of the new fabric design. ...
I must disagree. If you take a look at the original design, which is all plastic and no style, I must say it is fugly. It is all utilitarian - not something I rally want to look at or see when I walk into the room. The final design, seen on the right, is something that beacons to be explored, looked at, utilized.

I am a big fan of Bang & Olufsen. They use fabric from Kvadrat in their line of products. Incorporating soft materials like fabric or leather in something which is meant to be place…