SamyGO

sectroyer wrote:What's your choice then ?

I am just a curious guy and some kind of perfectionist. I am trying to understand what is the relationship between open telnets and riskless root access. Does the exploit rely on open telnet or it actually use them?

Hi! Has root been proved to be successful on non-MST or not? My FW: T-NT14UDEUC-1023.2
Thanks.

Grief wrote:

sectroyer wrote:What's your choice then ?

I am just a curious guy and some kind of perfectionist. I am trying to understand what is the relationship between open telnets and riskless root access. Does the exploit rely on open telnet or it actually use them?

You need backdoor in case of brick

sectroyer wrote:

Grief wrote:

sectroyer wrote:What's your choice then ?

I am just a curious guy and some kind of perfectionist. I am trying to understand what is the relationship between open telnets and riskless root access. Does the exploit rely on open telnet or it actually use them?

You need backdoor in case of brick

I can understand that. But I can't understand why cannot it be protected with a password?

Grief wrote: I can understand that. But I can't understand why cannot it be protected with a password?

Because that's how this telnet works and send password in plain text (which is how telnet WITH password works) is just stupid

sectroyer wrote: Because that's how this telnet works and send password in plain text (which is how telnet WITH password works) is just stupid

But don't you think that sending the password in plain text is still more secure than root access without any password?

It will protect the TV from script kiddies at least.

Grief wrote:

sectroyer wrote: Because that's how this telnet works and send password in plain text (which is how telnet WITH password works) is just stupid

But don't you think that sending the password in plain text is still more secure than root access without any password?

It will protect the TV from script kiddies at least.

I don't believe in "security trough obscurity" Sorry

sectroyer wrote: I don't believe in "security trough obscurity" Sorry

I really don't mind to start a holywar. Could you please just say is it possible to enable password protections for telnet daemons or not?

P.S. In my opinion it is not "security trough obscurity" as if I will use ssh instead of telnet, the password will never leave the TV. In case of "brick", I will be able to enter telnet console, recover, change password and continue to use ssh. Why do you think it's not secure?

Grief wrote: Could you please just say is it possible to enable password protections for telnet daemons or not?

Don't know, don't care

Grief wrote: Why do you think it's not secure?

Because IMHO it's pointless It will not be "secure" anyway

sectroyer wrote: Don't know, don't care

What a qualified answer!

P.S. GOT IT! You mean that you added another backdoor for samygo team, right?
P.P.S. As far as I understood, different telnets are for different TV models. You just enabling them all hoping that at least one will work correctly. So why cannot I disable not working ones after I found the port without "job control not running" issue?

P.P.P.S. I have an issue after rooting. TV doesn't power off first time. Instead of that, after pressing the button it shuts down for 5-6 seconds and turns on again. If I press the power button again before samygo getting loaded, it powers off successfully.