貌似北京网通 ADSL登录的密文泄露问题还没有修改
最早的发现者是 FlawZero@newsmth , 后来通过一个拐弯途径通知了网通的人,不知道他们啥时候才能修正。。
下面是以前的一段 log,关键地方已经马赛克掉了。
给看不懂的解释一下,就是北京网通 adsl 登录失败时候会把调试信息发送过来,里面包含着你真正密码加密后的密文,攻击者只需要一次失败尝试,就可以知道你密码的密文,然后用字典之类东西进行穷举攻击,可以算出来很多简单密码。
这个按说是一个比较严重的问题,不过所幸的是北京网通的 adsl 帐号并不是按照数字序列排列的,还支持自己改登录名,这样敌人不能大批量的穷举数字帐号来获得密文,算是不幸中的万幸。无论如何,密码不够强劲的,请赶紧去把密码改得强硬一些吧。
MagicLinux kernel: CSLIP: code copyright 1989 Regents of the University of California
MagicLinux kernel: PPP generic driver version 2.4.2
MagicLinux kernel: HDLC line discipline: version $Revision: 4.8 $, maxframe=4096
MagicLinux kernel: N_HDLC line discipline registered.
MagicLinux pppd[3483]: pppd 2.4.3 started by root, uid 0
MagicLinux pppd[3483]: Using interface ppp0
MagicLinux pppd[3483]: Connect: ppp0 <–> /dev/pts/3
MagicLinux pppoe[3486]: Changed pty line discipline to N_HDLC for synchronous mode
MagicLinux pppoe[3486]: PPP session is 3806 (0xede)
MagicLinux pppd[3483]: Remote message: 29;User(**\**)’s Authen Attrib(ai-Service-Password: NAS is 14W4BSbnMrVEg, Radius is 14*****, not match) Check Error
MagicLinux pppd[3483]: PAP authentication failed
MagicLinux pppoe[3486]: Session 3806 terminated – received PADT from peer
MagicLinux pppoe[3486]: Sent PADT
MagicLinux pppd[3483]: Modem hangup
MagicLinux pppd[3483]: Connection terminated.
MagicLinux pppd[3483]: Exit.
MagicLinux pppoe-connect: PPPoE connection lost; attempting re-connection.
MagicLinux pppd[3523]: pppd 2.4.3 started by root, uid 0
MagicLinux pppoe[3526]: Changed pty line discipline to N_HDLC for synchronous mode
MagicLinux pppd[3523]: Using interface ppp0
MagicLinux pppd[3523]: Connect: ppp0 <–> /dev/pts/3
MagicLinux pppoe[3526]: PPP session is 3806 (0xede)
MagicLinux pppd[3523]: Remote message: 29;User(**\**)’s Authen Attrib(ai-Service-Password: NAS is 14W4BSbnMrVEg, Radius is 14*****, not match) Check Error
MagicLinux pppd[3523]: PAP authentication failed
MagicLinux pppoe[3526]: Session 3806 terminated – received PADT from peer
MagicLinux pppoe[3526]: Sent PADT
MagicLinux pppd[3523]: Modem hangup
MagicLinux pppd[3523]: Connection terminated.
MagicLinux pppd[3523]: Exit.
MagicLinux pppoe-connect: PPPoE connection lost; attempting re-connection.