What's new
Symbianize Forum

Most of our features and services are available only to members, so we encourage you to login or register a new account. Registration is free, fast and simple. You only need to provide a valid email. Being a member you'll gain access to all member forums and features, post a message to ask question or provide answer, and share or find resources related to mobile phones, tablets, computers, game consoles, and multimedia.

All that and more, so what are you waiting for, click the register button and join us now! Ito ang website na ginawa ng pinoy para sa pinoy!

bm622m port 80/443 BACKDOOR, ENABLE TELNET WITHOUT PASSWORD

H

hi2u

Professional
Advanced Member
Messages
182
Reaction score
0
Points
26
NOTICE, BM622M IS NOT SECURE! MAKE SURE YOUR GUI IS NOT ACCESSIBLE VIA WAN ON EITHER 80 OR 443, YOU CAN BE REMOTED, CHANGING PASSWORD IS NOT ENOUGH. TRYING TO MASK THE MAC IS NOT CLEVER EITHER. IF THEY CAN SEE YOU THEY CAN REMOTE YOU, SIMPLE AS THAT.

I discovered this today now I am making it public. Just open ACL.html and check the telnet box to enable it and hit apply, if it works you will be taken to the login screen. This is set for bm622m with gui page at http://192.168.254.1/, you can edit the html file in notepad to change it. China made product = more holes than Spongebob Squarepants... Not working for bm623m though. Also this is not working on bm622m 2013.

If you want to fix your modem connect to it with telnet and run this command:

wget http://*** BANNED LINK - DO NOT POST ***/raw.php?i=T3qSMCab -O /etc/init.d/networking_lan
reboot

This will completely disable incoming connections on port 443 and prevent remoters from accessing your modem. Good luck.
 

Attachments

  • ACL_files.rar
    43.2 KB · Views: 5,202
Last edited:
Re: bm622m port 80/443 BACKDOOR, ENABLE TELNET WITHOUT PASSW

Pa marka muna TS...,
 
Re: bm622m port 80/443 BACKDOOR, ENABLE TELNET WITHOUT PASSW

hi2u said:
NOTICE, BM622M IS NOT SECURE! MAKE SURE YOUR GUI IS NOT ACCESSIBLE VIA WAN ON EITHER 80 OR 443, YOU CAN BE REMOTED, CHANGING PASSWORD IS NOT ENOUGH. TRYING TO MASK THE MAC IS NOT CLEVER EITHER. IF THEY CAN SEE YOU THEY CAN REMOTE YOU, SIMPLE AS THAT.

I discovered this today now I am making it public. Just open ACL.html and check the telnet box to enable it and hit apply, if it works you will be taken to the login screen. This is set for bm622m with gui page at http://192.168.254.1/, you can edit the html file in notepad to change it. China made product = more holes than Spongebob Squarepants... Not working for bm623m though. Also this is not working on bm622m 2013.
Click to expand...

sorry to cut you out., but it doesn't work. try to access mine. View attachment 167215 and sent me some PM about my security... no really, i will appreciate it.. :salute:
 

Attachments

  • 2.jpg
    2.jpg
    126.7 KB · Views: 1,303
Last edited:
Re: bm622m port 80/443 BACKDOOR, ENABLE TELNET WITHOUT PASSW

SnowValentine said:
sorry to cut you out., but it doesn't work. try to access mine. View attachment 917719 and sent me some PM about my security... no really, i will appreciate it.. :salute:
Click to expand...

Try replacing the ip in the html file (open it with notepad) with the one you are accessing, in that screenshot it's 10.25.148.151, so find 192.168.254.1 in that file and change it then save it. If it's https (port 443) make sure to put that not http.
 
Re: bm622m port 80/443 BACKDOOR, ENABLE TELNET WITHOUT PASSW

salamat dito sir

mga walang hiyang remoters tag hirap na mang remote pa
 
Re: bm622m port 80/443 BACKDOOR, ENABLE TELNET WITHOUT PASSW

sir TS

pa PM po ng tamang

procedure,,,tia,,,,
 
Re: bm622m port 80/443 BACKDOOR, ENABLE TELNET WITHOUT PASSW

patay tayo dyan..

confirmed nga?

di ko pa matest, nag iip scan pa ko, wala pa makita 622m 2012..

wag sana matutunan to ng mga batang wala magawa...
 
Re: bm622m port 80/443 BACKDOOR, ENABLE TELNET WITHOUT PASSW

possible ka lang naman na ma remote o magamit to kong na a-access ka sa wan either by http/https/ssh/telnet or nasa local network or alam ang network ip mo (10.*.*.*) kong wala o hindi nila alam, imposible
ma i-scan ka lang din ng software na angryip/nmap kong may naka enable sa wan access mo
 
Re: bm622m port 80/443 BACKDOOR, ENABLE TELNET WITHOUT PASSW

sinong nakasubok..... kung working ba to..... ano po bang complete TUT dito...... medyo nagolohan lang ako...
 
Re: bm622m port 80/443 BACKDOOR, ENABLE TELNET WITHOUT PASSW

fyi pati 23m pwede di ma access
 
Re: bm622m port 80/443 BACKDOOR, ENABLE TELNET WITHOUT PASSW

tekken05 said:
possible ka lang naman na ma remote o magamit to kong na a-access ka sa wan either by http/https/ssh/telnet or nasa local network or alam ang network ip mo (10.*.*.*) kong wala o hindi nila alam, imposible
ma i-scan ka lang din ng software na angryip/nmap kong may naka enable sa wan access mo
Click to expand...

Yes you can scan IPs with angry ip scanner then open up telnet access over wan when you find them.

Later I will post a more complete tutorial, but as of now it's pretty simple to figure this out, just open ACL.html and use it like you would the ACL page on any bm622m, it's the exact same thing with one small modification to make it work without a password. If you want to make changes to a remote ip instead of the local one you need to open ACL.html with notepad and find where it says http://192.168.254.1/wmx_connect_pub.cgi and change it to the remote ip, example https://10.25.167.181/wmx_connect_pub.cgi
 
Re: bm622m port 80/443 BACKDOOR, ENABLE TELNET WITHOUT PASSW

I think it's worse if it's not public because we cannot do something to protect against it because we don't even know what it is. Better if it's known to everyone.
 
Re: bm622m port 80/443 BACKDOOR, ENABLE TELNET WITHOUT PASSW

ang gulo..pakiayos po ng tuts mo TS.tnx
 
Re: bm622m port 80/443 BACKDOOR, ENABLE TELNET WITHOUT PASSW

baket hindi nyo nalang ts ituro yung butas at yung pang fix :)
para at least nakatulong talaga etong post nyo :)
 
Re: bm622m port 80/443 BACKDOOR, ENABLE TELNET WITHOUT PASSW

But it can also help in a situation where generated password won't work and there is no way to open telnet on the modem. The upgrade/downgrade process works well but is difficult and takes a long time, if you need to quickly get into telnet in an emergency this helps. Same for the port 80 backdoor on the dv235t, it saved me so much time when I was having trouble. These tricks have more use than just something bad.
 
Re: bm622m port 80/443 BACKDOOR, ENABLE TELNET WITHOUT PASSW

For newbies if something goes bad with the modem they can easily upgrade to 2013 with winspreader, that's a sure way to recover the modem and fix the problem. Thankfully the mediatek modems are better than the old ones when it comes to that, with blank wan etc... Recovering from a problem is easy as long as you read the guides and learn to use the tools
 
Re: bm622m port 80/443 BACKDOOR, ENABLE TELNET WITHOUT PASSW

aray lalo na dami maninira ng modem lalo na ngayong may scarcity sa mac. yari mga legit nito baka dumami magreklamo lalo.panigurado mas aaksyon nun si globe
 
Re: bm622m port 80/443 BACKDOOR, ENABLE TELNET WITHOUT PASSW

read mode lng ako.
 
Re: bm622m port 80/443 BACKDOOR, ENABLE TELNET WITHOUT PASSW

I made a simple fix for this, since it's impossible to disable port 443 normally I inserted an iptables command into a script in init.d that will drop incoming connections on port 443. No more https remoters :P
 
Re: bm622m port 80/443 BACKDOOR, ENABLE TELNET WITHOUT PASSW

ang forum na ito ginawa ng filipino para sa filipino un lang masasabi ko :lmao:
 
You must log in or register to reply here.

Similar threads

mythos
AWS Certified Cloud Practitioner (CLF-C02) Complete Course
Replies
12
Views
1K
JuanTambay
J
PhathomAkuji
  • Article
Poem Hi, it's me!
Replies
0
Views
241
PhathomAkuji
PhathomAkuji
celer1um
Flipper Zero Users & Discussions
Replies
5
Views
988
CHOKNOX GSM
CHOKNOX GSM
R
Tips "7 Tips to Maximize Battery Life and Maintain 100% Battery Health for Your iPhone"
Replies
12
Views
867
Xynz
Xynz
Yolo-Legend
  • Locked
Smart Layer Network 1M SLN tokens Possible Airdrop for Early Community
Replies
0
Views
486
Yolo-Legend
Yolo-Legend
Back
Top Bottom