DrayTek Vigor revovery password
来源:互联网 发布:如何优化长尾关键词 编辑:程序博客网 时间:2024/06/18 06:11
A funny thing happened at the office the other day.
We have a teleworker who works in regional NSW. She connects via VPN to our Sydney office – we have Draytek Vigor 2800 VG's at each end.
For some reason, her line was disconnected (some sort of Telstra clerical error) and once that was sorted, she was given a new ISP password by Telstra.
Problem is, she had forgotten the password for the router. No, worries – just do a factory reset was the initial thought, but with so many settings needed to be re-entered, it would have been a real pain.
Whilst we were rummaging through our records to find the password, she called Draytek and they asked her for the MAC address of the unit and then gave her a password (about 6 characters, I think) which logged her in.
So it would seem that Draytek have a "backdoor" password – probably a hash on the MAC address or something of that ilk.
I've done some googling and can't find any mention of this for the Draytek or any other routers.
Is this common ? I guess it's not too much of a security issue, as firstly you'd need to know the MAC address, and secondly once you had the MAC address, you'd need to either have access to the LAN / wireless to login (unless remote management was enabled!).
Handy to know, regardless.
EDIT : Here's a thought... with a few calls to Draytek I could get the "hash" password for multiple addresses and probably derive the hash algorithm. Probably a question for a cryptography expert to comment on the viability, but it does leave me a little concerned.
http://forums.whirlpool.net.au/archive/1317036https://github.com/ammonium/draytools
- DrayTek Vigor revovery password
- 丰炜(VIGOR)PLC感受:
- password
- password
- Password
- password
- Password
- PASSWORD
- Password
- Password
- POJ 2255 Tree Revovery 二叉树遍历序列推导
- PASSWORD CHECK
- Password function
- ADSL Password
- Operation Password
- password studio
- ID/PASSWORD
- my password
- NATS
- 位运算实现加减乘除
- 安装BlueStacks时装不起来(XP)系统
- 图像操作之点运算
- Qt开发:设置QMAKESPEC,生成不同平台的makefile .
- DrayTek Vigor revovery password
- 中国电商还有几块“处女地”值得重新想象
- Python descriptor
- CREATE TABLESPACE命令详解(转)
- Arduino下跑马灯和步进电机控制代码实现
- 记录问题,linux 上svn checkout 失败 Can’t move ‘.svn/tmp/entries’ to ‘.svn/entries’
- c# DataTable按列排序问题
- 如何使用WCF服务实现分布式处理数据?
- CIPAddressCtrl控件的用法