Full Disclosure mailing list archives
Re: Sunny WebBox Default Password
From: Jeffrey Walton <noloader () gmail com>
Date: Fri, 23 Dec 2011 15:55:37 -0500
On Fri, Dec 23, 2011 at 11:02 AM, Hacxx Under <hacxx20 () gmail com> wrote:
Sunny Web Box is a device that has a web interface and it's used as a reader for solar energy microproducers. The default password is "SMA" The devices can be founfd using intitle: "Sunny WebBox" ------- Hacked Boxes http://mariorodrigues.dynip.sapo.pt http://gisolar.cannondesign.com http://pvpichler.dyndns.org:509 http://217.113.37.189:80 http://zodiac.hostein.org:8081 http://79.1742.145.114 http://67.78.27.35 http://217.133.100.238:8082 http://news.hartwellps.vic.edu.au http://energiasolar.ues.edu.sv http://solar.amy.gr http://xserver.clio.it
They also use MD5 in a JSON request over HTTP. Not surprisingly: $ echo SMA | md5sum 8872966064a33f7520d11c0fffe7e517 [Google for 8872966064a33f7520d11c0fffe7e517] http://hash.phelix.lv/md5/371bd54577d68567ed50af283052e0d1/SMA.htm It looks like this has been known for some time. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Sunny WebBox Default Password Hacxx Under (Dec 23)
- Re: Sunny WebBox Default Password Jeffrey Walton (Dec 23)
- Re: Sunny WebBox Default Password Larry W. Cashdollar (Dec 24)
- Re: Sunny WebBox Default Password Jeffrey Walton (Dec 23)