The "development builds" comment didn't leave me all that hopeful, but I can't say I was overly surprised when I typed in the password and landed at a root prompt! Root on the STB.
Myiptv hack full#
Back to Google, and in a few minutes I had the full users guide for a similar Amino STB, including the details for the default root password. More importantly, the banner message when connecting with telnet stated that the STB was actually an "Amino" brand. From there it didn't take much to find the IP of the STB, and discover that it allowed telnet access. The box itself was branded as "2M-Locatel", which led to some interesting details on the web, but nothing that helped actually access it. The results were, as you can probably guess from the default password comment above, very interesting. That might seem obvious, but it's amazing how frequently default passwords seem to turn up Whilst recently staying in a hotel in Asia that used an external STB I decided to do some digging into the system to see how secure it was. Unchanged vendor default passwords are bad.
0 kommentar(er)
