Net SAPO flaws and vulnerabities

[Hacxx Under <hacxx20 () gmail com>]

There is several flaws in the SAPO internet service in portugal that allow
certain tasks to be made.

. Unautorized internet access
. Obtain sapo username and password
. Obtain subscriber phone number
. Obtain name, address, tax number, etc
. Activate aditional sapo services

REMOTE ADMINISTRATION

. Target a specific device
. Block sites (antivirus for example)
. Read user info via DHCP (mac, pc name)
. DNS Hijack
. Open internet to anyone via fake WAN

Since i dedicate a few days on this one i will not disclose in detail
(software + technics used). More info via mail or phone.

Hacxx

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/