La Fonera hacked again

Once again Stefan and Michael exploited la fonera to get shell access , even on latest firmware release 0.7.1-2.

For the impatients just do the following

  1. connect to web interface of la fonera via “My place”
  2. change the dns to 88.198.165.155
  3. reboot la fonera
  4. enjoy your ssh access
  5. change the DNS entry to the one of your choice ( I suggest OpenDNS 208.67.222.222 )

For all those who wants to go deeper , read directly on Stefan web site.

It’s chillispot.conf injection via fake radius server and DNS spoofing.

Congratulation guys , you’ve got talent !

Advertisements