>change isp
>guy from new isp comes over to setup everything
>dun.flac
>router is pic related
>i want to port forward my stuff
>i cant find the un:pw anywhere
>look online, turns out its user:user
>wow, thats a bit worrying but dunno
>check out the telnet port
>ITS OPEN
>asks username and password
> try user:user zte:zte user:zte admin:admin root:root
>root:root works
>WHAT THE FUCK
>full busybox shell
>the entire neighbourhood is full of this cancer
should i have some fun? should i report it? more important what the fuck can i do?
>>54258566
Get rid of that piece of shit and build a better router
>>54258566
>>54258591
..AND have some fun. share results
>>54258591
yes but currently no money
this junk probably has a read only filesystem so i cant modify the pw
>>54258566
Fuck with their DNS settings
>>54258612
Post ip and let us connect to it
>>54258566
upload tor nodes to all in your region use the systematic security flaw to enhance security
this is the current situation here
>>54258566
>tfw you didn't understand this post and now you're worried about your router
;_;
>>54258649
rm -rf /*
>>54258566
in what fucking country does an isp guy come and setup a fucking router?
>>54258566
>should i report it?
I've read too many stories where 'white hat hackers' end up behind bars for reporting a blatant vulnerability. Just change the password and get on with your life.
>>54258653
tl:dr the terminal access to my router IS FUCKING DEFAULT PASSWORD
>>54258670
Hungary
the situation is currently its only open from the inside
>>54258673
>not reporting this shit to the company and getting hired and/or paid
If you haven't actually done anything bad before that, what can they charge you on?
>>54258670
>live in 1st world country
>want WiFi at home
>don't know or care how networking works because have life and things to do
>call up nerds at isp and lease a router and modem with internet service
>they come over and install it all for me
Feels good living in a service economy.
>>54258750
then wtf are you talking about
you dont have any access to any router outside your own subnet faggot learn to netsec
>>54258758
op here. this is a fucking no brainer even for me. its on purpose. no fucking way they missed this
>>54258750
Port forward and give us the IP
>>54258783
imageine this
>social engineer the pw
>they are fucked beyond help
>>54258787
>mfw its a honeypot
>op now on watchlist
>>54258705
wouldn't have guessed
>>54258767
you are probably retarded
>>54258806
first you need access to the network retard if you got that its over anyway
and social engineering the pw is the same, retarded users are not a problem of network security when it comes to routers
>>54258566
There are open and closed source solutions to this issue, bottom line, send that pile of shit back.
>>54258793
>>54258634
i was here when someone here made a test subreddit and posted the pw here. it was full of cp in a few min. i dont want this to happen to me
>>54258815
damn
>>54258676
Thats the norm, the point is that you're supposed to change it after you plug it in.
This fact is unknown to normies
>>54258566
>guy from new isp comes over to setup everything
what the fuck am I reading? did he fuck you afterwards?
>>54258676
NO FUCKING SHIT
>>54258866
but its still retarted as fuck. what if im not tech-curious and end up dns hijacked?
>>54258886
nope. everyone around here is fucking dumb when it comes to tech. this is normal
Block the telnet port with hardware firewall or get a better router.
>>54258940
i did exactly this. i dug up my anicent linksys. but it doesnt have a phone in. so i have to keep this cancer for a while
>>54258931
>I bought a laptop and it didn't already have a unique 24 character password lock on the BIOS, what if someone got a hold of it?!?
>>54258750
>only open on the inside
hogy lehet valaki ilyen hülye?
https://www.shodan.io/search?query=zxhn+h298n
>>54259002
Anon, hányan tudják a wifi jelszavad :^) ??
>>54259067
v-vad är detta
>>54258653
You know when people talk about this board being shit?
they're talking about you.
>>54259001
fair point but there are far more people concerned about their oses than their routers. everyone assumes its not something you can mess up this easily
setup a dns server that directs every inqury to meatspin.com and change all your neighbors dns to point to it.
>>54259163
not OP but how do you actually do that?
i was thinking of fucking with my roommate and setting facebook to switch to tumblr
>>54259326
>>54259163
I mean, how to set a dns where all sites would work right and only facebook would send people to tumblr?
>>54259373
>>54259326
Look up the syntax of the hosts file. And the config of dnsmansq
>guy from new isp comes over to setup everything
literally what
>>54259393
>dnsmansq
>unix only
anything for win?
>>54259135
hey it's cool if they come to learn and act humble
not cool if they spout shitty opinions though
>>54258670
Some ISPs force you to allow them to come and set it up, even if you do not need the service.
>>54259439
There is a file on every os called the hosts file. Look it up on wikipedia
I've run into a lot of defaulted equipment done by Northland cable for the college apartments around here. The switches they use between buildings and AP's they use are always defaulted 99% of the time.
It's laziness, just put the equipment in, connect the copper and get the fuck out.
And if someone fucks with a switch or AP, just go in hard reset, and go home again.
Literally the attitude.
>>54259001
Stop being an idiot. Many ISPs' routers come preconfigured with a unique password, as most normal users are never going to use it, let alone change it, thus having the default one is a security hole. OP's ISP could easily also give theirs a unique password. Beyond that, this one allows root access.
>>54259496
i know of hosts, hell i have all those clickbait shit sites blocked in it already
i just didn't know of dnsmansq
>>54258670
germany (if you want it this way, no problem @telekom)
>>54259515
You can probably find dns servers done in python or c that you can use on windows