10 July 2008

Indian broadband users at risk

Wow, this was something I did not expect. But this surely did hit me hard the first time I got through it. It seems like I could access most Airtel Broadband users' routers using simple telnet. Once I was connected, all that was required was a username and password. Boy, and I am in. I have access to the router now and I sure can do a lot of crazy stuff with it.

Wait a minute, did I say you need a username and password? How would I get the username and password? Well, actually not very difficult, is it? No one ever changes the username and password of their router. Actually, no one expects anyone to be able to access the router without their knowledge. But the sad fact is, anyone on the internet can access their router. Most people do not even realize that their internet connection can be easily compromised. How? Well, simple steps to follow:

1. Press Windows key + R to open the Run command dialog

2. Type cmd and press Enter

3. Enter 'telnet xxx.xxx.xxx.xxx'

Where 'xxx.xxx.xxx.xxx' is the IP address of someone from Airtel Broadband. Trust me, it's not difficult to get the IP of any/random Airtel user.

4. Now you would have to enter the username. Thankfully it's 'admin', so just enter it, and now the tough part, the password. But what's the password? Well, the password is 'password'. Well, literally.

5. Once you are through with it, you can enter 'sh' at the prompt to have a simple Linux shell available to you. Now you can do a hell of a lot of things, which I leave to your imagination.

I blame no one but Airtel for this fiasco. It's their responsibility that when they install a connection for a subscriber, they should change the password. But first of all, WAN-side access to telnet should never be allowed in the first place. I am very sure that most people have no idea about it. Time to spread awareness.

Well, Airtel may not be the only one; in fact, I believe all broadband users are equally at risk. Though I could not get through Tata Indicom or BSNL connections, I am sure they too are equally susceptible.

I am going to the Security Camp happening in Bangalore this Saturday 12 July, 2008. Hopefully I will meet some people who will carry this message forward and generate enough awareness to make people secure.

PS: Please write about it in your blog too. If you don't have a blog, the least you can do is Digg it.
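
The WAN-side telnet exposure described in this post can be checked from the router's own firewall rules. The following is an added example, not part of the original post: it assumes the router filters with iptables, uses assumed interface names (ppp0 for WAN, br0 for LAN), and runs on constructed `iptables-save` output.

```python
# Constructed rulesets in iptables-save format. Interface names are assumed:
# ppp0 = WAN (internet-facing), br0 = LAN.
WEAK = """*filter
:INPUT ACCEPT [0:0]
-A INPUT -i br0 -j ACCEPT
-A INPUT -i ppp0 -p tcp -m tcp --dport 80 -j DROP
COMMIT
"""
HARDENED = """*filter
:INPUT DROP [0:0]
-A INPUT -i br0 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i ppp0 -p tcp -m tcp --dport 23 -j DROP
COMMIT
"""

def _port_in(spec, port):
    """True if port falls in an iptables port spec such as '23' or '20:25'."""
    lo, sep, hi = spec.partition(":")
    return int(lo or 0) <= port <= int((hi if sep else lo) or 65535)

def wan_telnet_exposed(ruleset, wan_if="ppp0", port=23):
    """True if a new TCP connection to `port` arriving on wan_if is accepted.

    Simplified model: INPUT chain only, first terminating rule wins, no '!'
    negation, user-defined chains are not followed.
    """
    policy = "ACCEPT"
    for line in ruleset.splitlines():
        tok = line.split()
        if line.startswith(":INPUT"):
            policy = tok[1]                      # chain default policy
        if tok[:2] != ["-A", "INPUT"]:
            continue
        # Map each option to the value that follows it, e.g. {'-i': 'ppp0'}.
        o = {tok[i]: tok[i + 1] for i in range(2, len(tok) - 1) if tok[i].startswith("-")}
        states = o.get("--state") or o.get("--ctstate")
        if ("-s" in o                            # source-restricted: not any host
                or o.get("-i", wan_if) != wan_if             # other interface
                or o.get("-p", "tcp") not in ("tcp", "all")  # other protocol
                or not _port_in(o.get("--dport", ":"), port)
                or (states and "NEW" not in states.split(","))):
            continue                             # rule does not match this packet
        if o.get("-j") in ("ACCEPT", "DROP", "REJECT"):
            return o["-j"] == "ACCEPT"
    return policy == "ACCEPT"                    # nothing matched: policy decides
```

The weak ruleset never mentions port 23, so the default ACCEPT policy is what exposes telnet; the hardened one drops by default and blocks telnet on the WAN interface explicitly.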

3 comments:

arun said...

The max you can do is just restart the router.

100rabh™ said...

:-)
As I said, you need to use a lot of creative skills. I don't want to let unsuspecting users get into trouble, nor want to teach hacking. But if someone is smart, he would know what to do :-)

arun said...

OK, I agree with you on this and also I want to add that I have noticed the same issue in some badly configured BSNL devices too.