What's new
By:
Filters

externally viewing your box - warning

Also there is a set pattern of what the name of the web detect server is called. So never mind the hackers, this is an open door to the relevant authorities.

---------- Post Merged at 09:53 PM ----------

i have been a good boy. I told them to turn off their webif. They didn't. So I screen messaged.. Watch this.... and then did it for them. If all people were as nice as me.
 
Last edited:
Yes unless you have set up your box and router specifically to access your line outside your home network you don't need to worry.

---------- Post Merged at 09:22 AM ----------

If you have set it up external, just add a password to your box via a telnet command.
 
so I do want to access mine from outside the network. How do I secure using this telnet thing?
Cheers for the headsup
 
you can download a simple telnet program like PuTTY

PuTTY Download Page

then you would just open putty, click telnet, input your box details
input user name : root

then type passwd and hit enter then it will ask u new password, enter ur password, hit enter and enter password again and hit enter

---------- Post Merged at 12:38 PM ----------

despite this thread on here... I actually found someone using my slyk1hd v3 skin last night with an insecure openwebif. They weren't actively watching their tv, so I couldn't wind them up.
I ca'nt abuse one of my own though ;)
 
and if they are not on this forum, they will be paranoid there is a backdoor in my skin that enables me to get into their box.

---------- Post Merged at 07:48 PM ----------

but they did have V3 so they must surely be on here. Not many people have that on boxes they are selling yet.
 
hahahaha.. all this fun is technically electronic tresspass.. please go read about it if you fancy sniffing about first and the laws and penalties that are involved. The last time i was hummm caught i was looking at 5 years on holiday with 3 square meals a day and a lovely room with a single bed and onsuite bathroom.. :( lol mind i wasn't looking for open webif ports, just remember EVERYTHING you do on your internet connection is tracable even tru the tor network and exit nodes (how do you think the kiddie porn rings get busted and you hear now and again about someone hiring a hitman) lol your provider has to keep logs and the second you start hammering 60000 ip addresses i think there system might put a monitor flag on you account.... when i got my fingers slapped they produced a yellow pages thick pile of ip address that i had port scanned for an old backdoor called subseven ( I was bored one night and has some fun with a student wannabe hacker that installed the server and client "tit").. the worst bit was the offence for pbx'in thu coca cola uk's 0800 landline.. but lets say id did learn my lesson .. ps guys that was actually before the internet as u know it now was born and dial up with a 2400bps modem was mega fast and my 286 with 1 meg ram was state of the art and cost best part of 400 notes.. hahahaha
 
sirhc... I have had my fun now, I have only been scanning s very small specific set of IP addresses on sky and virgin ips and for a very specific server name . It isn't actually illegal to scan for port vulnerabilities, but as you say it is if I then try and access them. But the openwebif ips don't have a username or password, therefore the user has made it publically available so I am not brute forcing my way into their system.For better or worse about 80% of the insecure openwebifs have now either been re-assigned new IPs or they have secured them. So my mission is complete. And like what you say you can't keep doing this as you will certainly pop up on someones radar and probably end up with man sausage for breakfast every morning.
 
Last edited:
Kiddac I don't know what i'm doing wrong here but I've set http authorisation on openwebif settings and using telnet changed the default password.

When I go to use openwebif it asks for my username and password, I put root as the username and my new password and it doesn't work.
I've tested my new password with telnet and it's letting me in fine!

Need to have it secure but can't use the thing like this
 
try it without the authorisation, you might just need the password. I don't know the answer as I don't have my box set up to be viewed externally.

---------- Post Merged at 08:48 PM ----------

have you also rebooted your box since you changed the password
 
I would imagine that many of the the viewers of those boxes who received the timely and unexpected messages hadn't a clue what was going on. My guess is that the box was set up by someone and they enabled remote access so they could carry out maintenance from the comfort of their armchair. I've set up some boxes for friends where I've showed the man of the house how to create the on-screen message, which was duly deployed on their unsuspecting wife. Great entertainment! lol
 
If you access any device connected to a public or private IP address or internet connection that does not belong to you or you do not have consent to access it then it is electronic trespass. the last time I looked up the relevant part of the uk law it was called the electronic trespass, it may have changed its name or been added to another part of some law that has been passed but I doubt they would have removed it. Even though nothing was done just by accessing and reading a single file the time stamp can be changed and thats all they need as proof that your ip address accessed the file and you did not have consent bla bla bla its just stupid shit that they can get you with and it only takes one slip and its gotcha time..... I seriously doubt that gchq and the gov will worry about you sniffing 8001 but your provider may think your up to summit that you should'nt and their monitoring software may flag you for review and start deep state packet inspection and then u get done for illegally downloading a movie or 60 and the odd 100 audio albums.. ROFL lol .

I use the message popup every day to get the wife to stick the kettle on and make a cuppa or ask to her come up and put my socks on cos me feet are getting cold or i have shuffled about in bed too much and the duvet has moved out of my reach and i need her to sort it for me.. its great but if i noticed a message on my screen i would be right on the computer to start tracing who the **** was in my system but i am a paranoid fooker now...

About 12 years ago i got a nice letter from (forgot the name) and it listed 3 music albums with each track name, the time I started the download, the exact file size down to bytes, the ip address i got them from and a warning that if i continued to illegaly download music tracks I would be prosecuted under some stupid half assed law, then a few years later they started taking people to court for it and conning them out of thousands of pounds.. to end this essay.. :bye: If you play with fire long enough you will get burned no matter how much fun you are having at the time.........
 
Sirhc I am a computer grad myself. Using the net before most people even knew it existed. I know the point you are getting at. But accessing a publically available IP address that has no login console is not a crime. All I am doing is accessing a web address. No different than type google.co.uk or typing 173.194.116.207 to access it.

In fact I am just going to see if these ips are robot scanned and appear in google search if you look for the right thing. Now that would be a major feck up.

** yes you can actually find these unsecure openwebif via google search. Oh Dear**

google-openwebif.jpg
no port scan required. No crime committed.

And yes I fully agree anyone that uses torrents, streaming sites, kodi, popcorn, showbox etc all risk prosecution. So all effort should be made to cover your arse.
You play the game you risk getting burned.

I like this thread it's interesting

---------- Post Merged at 12:22 PM ----------

and some people are right perverts... ha ha

Capture.JPG

---------- Post Merged at 12:23 PM ----------

why don't we get hustler tv and private tv. grrr. :(
 
You must log in or register to reply here.
Back
Top