Secret backdoor found in 80 Sony surveillance camera models has been fixed.


During a routine check, analysts at the European company SEC Consult noticed something odd in the firmware of Sony IP cameras and surveillance cameras. It turned out that the firmware of 80 different models contains hard-coded credentials for several backdoor accounts. The first account: login debug, password popeyeConnection; the second account: login primana, password primana. Firmware for fifth-generation cameras below version 1.82.01 is vulnerable, as are sixth-generation cameras with firmware below version 2.7.0.

The researchers write that, with a well-crafted HTTP request, an attacker can gain access to Telnet, and that newer models can also be compromised over SSH. As an example, the report gives the following URLs:


As can be seen, the requests lead to prima-factory.cgi being launched, but this only works on fifth-generation Ipela Engine cameras. For sixth-generation cameras, the "magic word" himitunokag can be used, which translates from Japanese as "secret key".

In addition, root privileges can also be obtained, because the researchers found one more backdoor at the OS level. The report gives the following password hashes:

root:$1$$mhF8LHkOmSgbD88/WrM790:0:0:5thgen:/root:/bin/sh (for fifth-generation models);

root:iMaxAEXStYyd6:0:0:root:/root:/bin/sh (for sixth-generation models).
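The hard-coded account strings and the root hashes quoted above can be checked for mechanically when auditing an unpacked firmware image. The Python below is an added example, not code from SEC Consult or Sony; the function names are illustrative, and it assumes the image has already been extracted to a directory and that account records sit in a file named passwd.

```python
import os

# Strings and root hashes quoted in the article above (from the SEC Consult report).
KNOWN_STRINGS = [b"popeyeConnection", b"primana", b"himitunokag", b"prima-factory.cgi"]
KNOWN_HASHES = {
    "$1$$mhF8LHkOmSgbD88/WrM790": "5th-generation root hash",
    "iMaxAEXStYyd6": "6th-generation root hash",
}

def scan_blob(data):
    """Return the article's indicator strings that occur in a firmware file."""
    return [s.decode() for s in KNOWN_STRINGS if s in data]

def audit_passwd(text):
    """Flag passwd entries that carry a usable password field inside the image."""
    findings = []
    for line in text.splitlines():
        fields = line.strip().split(":")
        if len(fields) < 7:
            continue  # not a passwd record
        user, pw = fields[0], fields[1]
        if pw == "x" or pw.startswith(("*", "!")):
            continue  # hash is kept in shadow, or the account is locked
        if pw in KNOWN_HASHES:
            findings.append((user, KNOWN_HASHES[pw]))
        elif pw == "":
            findings.append((user, "empty password"))
        else:
            findings.append((user, "embedded password hash"))
    return findings

def audit_tree(root):
    """Walk an unpacked firmware tree; return {relative path: [findings]}."""
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if os.path.islink(path) or not os.path.isfile(path):
                continue  # skip symlinks and device nodes from the image
            with open(path, "rb") as fh:
                data = fh.read()
            hits = ["string: " + s for s in scan_blob(data)]
            if name == "passwd":
                hits += ["%s: %s" % f for f in audit_passwd(data.decode("latin-1"))]
            if hits:
                report[os.path.relpath(path, root)] = hits
    return report

if __name__ == "__main__":
    import sys
    target = sys.argv[1] if len(sys.argv) > 1 else "."
    for path, hits in sorted(audit_tree(target).items()):
        print(path, "->", "; ".join(hits))
```

Any passwd entry reported as "embedded password hash" deserves the same scrutiny as the two known ones: a credential shipped identically in every unit cannot be rotated by the owner.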

"We believe that the backdoor was introduced by Sony developers on purpose (possibly for debugging devices during development or for factory testing), and was not created by 'unauthorized third parties', as happened in other cases, for example with the backdoor in Juniper ScreenOS," say the SEC Consult researchers.

The specialists notified Sony of their findings back at the end of October 2016. On November 28, Sony engineers delivered fixes, releasing firmware versions 1.86.00 and 2.7.2. Sony representatives did not explain what the discovered backdoors were intended for and declined to comment at all.

Owners of the following camera models should update their firmware:

SNC-CX600, SNC-CX600W, SNC-EB600, SNC-EB600B, SNC EB602R, SNC-EB630, SNC-EB630B, SNC-EB632R, SNC-EM600, SNC-EM601, SNC-EM602R, SNC-EM602RC, SNC-EM630, SNC-EM631, SNC-EM632R, SNC-EM632RC, SNC-VB600, SNC-VB600B, SNC-VB600B5, SNC-VB630, SNC-VB6305, SNC-VB6307, SNC-VB632D, SNC-VB635, SNC-VM600, SNC-VM600B, SNC-VM600B5, SNC-VM601, SNC-VM601B, SNC-VM602R, SNC-VM630, SNC-VM6305, SNC-VM6307, SNC-VM631, SNC-VM632R, SNC-WR600, SNC-WR602, SNC-WR602C, SNC-WR630, SNC-WR632, SNC-WR632C, SNC-XM631, SNC-XM632, SNC-XM636, SNC-XM637, SNC-VB600L, SNC-VM600L, SNC-XM631L, SNC-WR602CL, SNC-CH115, SNC-CH120, SNC-CH160, SNC-CH220, SNC-CH260, SNC-DH120, SNC-DH120T, SNC-DH160, SNC-DH220, SNC-DH220T, SNC-DH260, SNC-EB520, SNC-EM520, SNC-EM521, SNC-ZB550, SNC-ZM550, SNC-ZM551, SNC-EP550, SNC-EP580, SNC-ER550, SNC-ER550C, SNC-ER580, SNC-ER585, SNC-ER585H, SNC-ZP550, SNC-ZR550, SNC-EP520, SNC-EP521, SNC-ER520, SNC-ER521 and SNC-ER521C.

Photo: Sony
Source: xakep.ru
