Remix.run Logo
VladVladikoff 3 hours ago

>42 hosts with remote management

>vender doesn’t want to fix it

Sometimes I wonder if the white hat hackers who find such a thing should just take it a step further and patch those hosts. Take the firmware, fix those bugs and update those 42 routers.

nerdsniper 3 hours ago | parent | next [-]

That would be “gray hat”. It would be illegal, though it has happened in the past and to my knowledge no one has yet been prosecuted for illegally fixing vulnerabilities.

But it’s definitely not white hat.

mrweasel an hour ago | parent | prev | next [-]

Someone did, a Russian dude (or at least Russian speaking) updated over a 100.000 Mikrotik routers. While he did get a few "Thank you" notes, some users was also pretty angry with him.

https://www.zdnet.com/article/a-mysterious-grey-hat-is-patch...

CrzyLngPwd 3 hours ago | parent | prev | next [-]

Probably simpler to brick them, forcing the owners to upgrade to a modern and supported device.

milkshakes 3 hours ago | parent [-]

https://en.wikipedia.org/wiki/BrickerBot

itintheory 3 hours ago | parent | prev | next [-]

Isn't just as illegal as exploiting them for nefarious purposes? That's a pretty big risk to take to help a few dozen strangers on the Internet. What happens if your fix has an unforeseen interaction with some configuration on a remote system and your actions cause outage or worse?

binaryturtle 3 hours ago | parent | prev [-]

Just flash OpenWRT to them? :) (a script could prepare a matching default config)