Thread: Superhub Superhub 7 second exploit
View Single Post
Old 06-03-2014, 23:40   #4
thenry
XIV
 
thenry's Avatar
 
Join Date: Dec 2009
Location: Crawley
Age: 35
Services: Three Unlimited
Posts: 15,772
thenry has a nice shiny starthenry has a nice shiny starthenry has a nice shiny starthenry has a nice shiny star
thenry has a nice shiny starthenry has a nice shiny starthenry has a nice shiny starthenry has a nice shiny starthenry has a nice shiny starthenry has a nice shiny starthenry has a nice shiny starthenry has a nice shiny starthenry has a nice shiny starthenry has a nice shiny starthenry has a nice shiny starthenry has a nice shiny starthenry has a nice shiny starthenry has a nice shiny starthenry has a nice shiny starthenry has a nice shiny starthenry has a nice shiny starthenry has a nice shiny starthenry has a nice shiny star
Re: Superhub 7 second exploit
Quote:
Originally Posted by LemonyBrainAid View Post
Apologies if this has already been posted somewhere (searched and couldn't find anything), but stumbled across this and had to share.

Allegedly it's possible to make use of a 7-second window of unsecured WiFi access during the SuperHub boot process to gain access to the admin panel and retrieve the unmasked WiFi password.

It requires the admin panel password, but as we all know it's very rare for the general user to do change that

Read more (and learn how to protect against it) here:
http://ramblingrant.co.uk/2014/03/06...security-flaw/
I told VM about this from the get go when testing the SH2 and it was taken on board and as far as I know it was fixed. Now when the SH2 boots up wifi 2.4GHz & 5GHz do not load up until a minute or two after the modem/router syncs etc.

Do your SH2 lights match up to whats actually going on? Could you please tell us the lighting sequence from power on to fully loaded up.

Also what is your software version > http://192.168.100.1/cgi-bin/VmRouterStatusInfoCfgCgi
thenry is online now   Reply With Quote