Thanks to me being sick due to food poisoning I had to stay home today instead of going for work. Feeling irritated since I had such a little left to complete I thought I would complete the code at home and then take it back to the office and integrate it with the rest of the code base, test, correct and make a final commit before going home. During one of the longer builds I was toying with the idea of how nice it would be if we had a remote SVN to which I could commit from work. Sadly such a feature does not exist. But how would you go about such a thing? VPN was the first thing that came to my mind. Ba! Too complex. Wouldn’t it be nice to set up the thing as a remotely accessible server by opening up a port, say:
"Company IP address:14035”
with some username and password and let us access it. I really don’t know if that can be done but it was still an idea worth toying with.
Out of curiosity however I just typed in our company IP address into the web browser bar and was greeted with the standard Router username and password dialog box. Feeling lucky I typed in admin, admin. No result. admin, admin123; nothing. admin, pass; still nothing. admin,password; welcome to the… “WHAT???????”
Turned out that not only was our router accepting external connections but the router’s username and password were still at default level. Note. I decided to wait a day to publish this since I gave a call to the office and asked the person in charge to fix it. Turns out that when the connection was being redone by SLT they had to do a hard reset on the router and hadn’t configured this bit again. Negligent but not as severe.
Strangely enough “Jerry” over on the IRC SLHacktivists had mentioned this before stating that it was unbelievable just how many routers one could find by typing in random IP addresses and even more unbelievable how many of those routers had been left on with the default username and password. Please don’t use this information for malicious purposes. If you do find someone’s router open and if it is an SLT ADSL configured one, you should be able to get the person’s phone number straight out from the username. Give that person a call and tell them to call SLT to reconfigure the router to prevent this kind of activity. I find it to be irresponsible on SLT’s part that they configure routers for clients and then leave it with these default settings on like this. Most people don’t know any better and therefore the onus of customer security falls upon SLT and any other company that installs these connections.
Wake up the community and spread some awareness people. Oh and check your own routers too.
N.B – Doing this at your own workplace could lead you to being thrown out and/or bringing up bad will between you and the server dude should the router have been left open. My suggestion is to do something in which you have definite evidence to say that nothing has been tampered with and that you did this only in the interest of investigating corporate security.