Decrypting my ISP's ZTE F670L router config in 5 minutes
4 points by notvcto
by up-n-atom
0 subcomment
it’s a commonality. we discover the same over and over on the 8311 discord at pon.wiki. often the result of disclosure is a firmware update that removes the ability to create a configuration backup and restore.
by notvcto
0 subcomment
Grabbed the config.bin off my ISP-provided ZTE F670L, decrypted it in about 5 minutes. The "encryption" key is just the serial number base concatenated with the byte-reversed MAC address... both printed on the sticker.
Inside: GPON credentials, TR-069 ACS config, VoIP SIP keys, and a hidden super admin account with full privileges. The password was in HaveIBeenPwned.
Hacker News