illmob

Seems Comcast has a hidden admin user account on their business class modems other than the usual user:cusadmin-pw:highspeed. You can log in locally using the username mso and password: D0nt4g3tme . Furthermore you can also use Cross Site Request Forgery in iframes to set the modem to open up its remote admin ports to all IP’s not just the ones Comcast has preconfigured. If you wanna test this out you can visit this URL http://illmob.org/comcast BEWARE, if you are on vulnerable Comcast modem it will open remote access to your modem on http port 80, https port 8181 and telnet 2323.

Props to the guys @ Trustwave for the iframe POC.

Used by Stuxnet to escalate privs in win2k and XP Explanation of the code ::here:: and source code ::here::

Thats right bitches, after 6 long retarded years being under the government’s thumb for some bullshit charges ,I am finally a free man!!!!