[Ended][ROOT] H "Skype" root (FW<=Dec.2014, all T-GFS)

[Grief]

What's your choice then ?

I am just a curious guy and some kind of perfectionist. I am trying to understand what is the relationship between open telnets and riskless root access. Does the exploit rely on open telnet or it actually use them?

[marius2du]

Hi! Has root been proved to be successful on non-MST or not? My FW: T-NT14UDEUC-1023.2
Thanks.

[sectroyer]

What's your choice then ?

I am just a curious guy and some kind of perfectionist. I am trying to understand what is the relationship between open telnets and riskless root access. Does the exploit rely on open telnet or it actually use them?

You need backdoor in case of brick

[Grief]

What's your choice then ?

I am just a curious guy and some kind of perfectionist. I am trying to understand what is the relationship between open telnets and riskless root access. Does the exploit rely on open telnet or it actually use them?

You need backdoor in case of brick

I can understand that. But I can't understand why cannot it be protected with a password?

[sectroyer]

I can understand that. But I can't understand why cannot it be protected with a password?

Because that's how this telnet works and send password in plain text (which is how telnet WITH password works) is just stupid

[Grief]

Because that's how this telnet works and send password in plain text (which is how telnet WITH password works) is just stupid

But don't you think that sending the password in plain text is still more secure than root access without any password?

It will protect the TV from script kiddies at least.

[sectroyer]

Because that's how this telnet works and send password in plain text (which is how telnet WITH password works) is just stupid

But don't you think that sending the password in plain text is still more secure than root access without any password?

It will protect the TV from script kiddies at least.

I don't believe in "security trough obscurity" Sorry

[Grief]

I don't believe in "security trough obscurity" Sorry

I really don't mind to start a holywar. Could you please just say is it possible to enable password protections for telnet daemons or not?

P.S. In my opinion it is not "security trough obscurity" as if I will use ssh instead of telnet, the password will never leave the TV. In case of "brick", I will be able to enter telnet console, recover, change password and continue to use ssh. Why do you think it's not secure?

[sectroyer]

Could you please just say is it possible to enable password protections for telnet daemons or not?

Don't know, don't care

Why do you think it's not secure?

Because IMHO it's pointless It will not be "secure" anyway

[Grief]

Don't know, don't care

What a qualified answer!

P.S. GOT IT! You mean that you added another backdoor for samygo team, right?
P.P.S. As far as I understood, different telnets are for different TV models. You just enabling them all hoping that at least one will work correctly. So why cannot I disable not working ones after I found the port without "job control not running" issue?

P.P.P.S. I have an issue after rooting. TV doesn't power off first time. Instead of that, after pressing the button it shuts down for 5-6 seconds and turns on again. If I press the power button again before samygo getting loaded, it powers off successfully.