Dreambox browser WebControl and hacker attacks

Cefizelj · 2. Februar 2016, 16:40

I know it sounds stupid, but is it possible for someone to have remote access to my Dreambox via Dreambox WebControl feature of Newnigma2, if he knows my home internet IP address and (router) IP address of my receiver? If yes, how to prevent this? Thank you!

deepblue2000 · 2. Februar 2016, 16:45

close all forwarded ports, and set user/pass to your dreambox

Cefizelj · 2. Februar 2016, 17:23

OK, Thanks! I have no forwarded ports opened on my router and Dreambox password is set. Is this all? I am still worried! I am just thinking: If I can access my Dreambox connected to my home network via browser only by using box IP (without entering any password), anyone from the outside world, with appropriate computer skills, can? I hope, I am wrong.

deepblue2000 · 2. Februar 2016, 17:36

if you set a secure password, then u´re one the safe-side

Cefizelj · 3. Februar 2016, 07:21

Browser Dreambox WebControl does not require any password to be entered in order for this App to be launched, like DreamControlCenter, for example, does. If I am using DreamboxControlCenter, I am asked to enter password every time, when I launch it, but never, when using Dreambox WebControl. So, now anyone knowing my home network Dreambox IP address can log to the receiver and take snapshots of the channels I am watching or make certain changes to the firmware. There should be an option in the receiver software to disable/enable Dreambox WebControl or to be able to protect this App by user password. Now this App is not protected by any password.

securityfocus.com/bid/63006/exploit
securityfocus.com/bid/63006/discuss

Cefizelj · 3. Februar 2016, 09:32

I have found, what is the problem. WebInterface HTTP authentication in newnigma2 is by default set to "OFF". My advise to everybody: Urgently create your personal Dreambox password and set WebInterface HTTP authentication to "ON"! In case you are paranoiac, like me, you can disable WebInterface completely!

[Blockierte Grafik: http://shrani.si/f/37/Rz/3RQ90q09/db-web-interface-1.png]

[Blockierte Grafik: http://shrani.si/f/3O/Mr/2EaXVMAm/db-web-interface-2.png]

[Blockierte Grafik: http://shrani.si/f/t/i7/1YuIPOFA/db-web-interface-3.png]

[Blockierte Grafik: http://shrani.si/f/1r/Hc/4aWsNEsL/db-web-interface-4.png]

[Blockierte Grafik: http://shrani.si/f/1e/jr/2Z78v21B/db-web-interface-5.png]

nighti · 3. Februar 2016, 10:01

Cefizelj schrieb:

I know it sounds stupid, but is it possible for someone to have remote access to my Dreambox via Dreambox WebControl feature of Newnigma2, if he knows my home internet IP address and (router) IP address of my receiver? If yes, how to prevent this? Thank you!

No it's is not possible to access the dreambox webinterface from outside of your lan, if you doesn't forward the webinterface ports on your router

Cefizelj · 3. Februar 2016, 14:41

I don't know much about WAN/LAN routing, so maybe you are right, maybe you are not. Let's say, you are right, I wish you are!
But who can explain, about what kind of Dreambox WebControl Unauthorized Access Vulnerability is Symantec talking about?

symantec.com/index.jsp
securityfocus.com/bid/63006/discuss

nighti · 3. Februar 2016, 16:01

This only affect lan situations.
If you are not forwarding the webports to the internet(wan) they are not reachable outside from your lan.
This has nothing todo with securtiy issues from the webinterface. This is only a still lan/wan routing thing.

Cefizelj · 4. Februar 2016, 06:11

OK, I understand this. You say It's safe, I trust you. One more thing: Is it true, that some optional "Apps" installed on Dreambox, like CCcam.cfg, can open router ports by default for their operation and that in time, when this happen, through these ports security of Dreambox can be compromised from the outside world by hackers?

Lost in Space · 4. Februar 2016, 08:27

The camembert binaries can do what they want as most of them are closed source with dubios origin

Teilen