+- Haxorware Forums (http://www.haxorware.com/forums)
+-- Forum: General (http://www.haxorware.com/forums/forumdisplay.php?fid=6)
+--- Forum: Modems (http://www.haxorware.com/forums/forumdisplay.php?fid=7)
+--- Thread: Mfg Cert from AVM compromised (/showthread.php?tid=4387)
Pages:
1
2
Mfg Cert from AVM compromised - FallGuy - 19-11-2016
https://www.excentis.com/testing/certification/programs/eurodocsis/digital-certificates/revoked-certificates
background story (in german):
https://www.heise.de/security/meldung/Entfleuchter-FritzBox-Schluessel-zum-Ausstellen-falscher-Zertifikate-missbraucht-3465065.html
RE: Mfg Cert from AVM compromised - Winston - 19-11-2016
Nice story, too nice actually.
RE: Mfg Cert from AVM compromised - occalifornia - 19-11-2016
(19-11-2016, 04:01 PM)Winston Wrote: Nice story, too nice actually.
suspiciously nice (▀̿Ĺ̯▀̿ ̿)
RE: Mfg Cert from AVM compromised - FallGuy - 20-11-2016
(19-11-2016, 10:56 PM)occalifornia Wrote:(19-11-2016, 04:01 PM)Winston Wrote: Nice story, too nice actually.
suspiciously nice (▀̿Ĺ̯▀̿ ̿)
Why?
It's happened and all MSO should revoke this Mfg Certificate immediately.
The US MSO should check very fast if they CMTS software have installed the EuroDOCSIS Root Certificate and delete it. Many software releases holds both Root CA Certificates (US and EU).
RE: Mfg Cert from AVM compromised - occalifornia - 21-11-2016
(20-11-2016, 08:42 AM)FallGuy Wrote:(19-11-2016, 10:56 PM)occalifornia Wrote:(19-11-2016, 04:01 PM)Winston Wrote: Nice story, too nice actually.
suspiciously nice (▀̿Ĺ̯▀̿ ̿)
Why?
It's happened and all MSO should revoke this Mfg Certificate immediately.
The US MSO should check very fast if they CMTS software have installed the EuroDOCSIS Root Certificate and delete it. Many software releases holds both Root CA Certificates (US and EU).
It was a joke - hence the ASCII emoji..
RE: Mfg Cert from AVM compromised - newname - 21-11-2016
Oh yes...of course..the joke ASCII emoji vs a serious emoji...
Damn, "I could have had a V8 slap on the forehead".....
RE: Mfg Cert from AVM compromised - occalifornia - 23-11-2016
(21-11-2016, 11:48 PM)newname Wrote: Oh yes...of course..the joke ASCII emoji vs a serious emoji...
Damn, "I could have had a V8 slap on the forehead".....
It seems like humor is lost on this crowd.
RE: Mfg Cert from AVM compromised - FallGuy - 13-12-2016
Sorry for pushing this thread up but there is small update. Joel Stein will give a lightning talk at the 33C3 about the situation.
You can find his slides here:
https://events.ccc.de/congress/2016/wiki/Lightning:Hacking_DOCSIS
Im curious if the old AVM CA will come into Diagnostic Images like the Self Signed Stuff from Motorola or Scientific Atlanta did at Haxorware.
RE: Mfg Cert from AVM compromised - FallGuy - 30-12-2016
Here is an update regarding the lightning talk:
https://www.youtube.com/watch?v=B5uqQL-dKBU&feature=youtu.be&t=3785
It's really easy to create a own Intermediate CA with this private key.
Btw. during my investigations I found out that the Manufacturer Public Key is slightly to big to be handled without problems by Haxorware on the 3349 or even on a 3390 based 3.0 CM. So they will not send the Manufacturer Public Key during the BPKM handshake and the BPI process stucks. However, if I use the files on Puma based cable modems it'll work.
RE: Mfg Cert from AVM compromised - gjstroom - 04-07-2017
Anyone has a link or can mail this key ?