funsec mailing list archives

Re: Verizon Service, Actiontec Gateway, and SSL Certificate


From: Jeffrey Walton <noloader () gmail com>
Date: Mon, 29 Apr 2013 03:00:49 -0400

Forgot to mention.... You can get to the certificate via
https://192.168.1.1 (or similar), or OpenSSL's s_client. It should
look similar to below.

Jeff

$ echo "Get HTTP 1.0" | openssl s_client -connect 192.168.1.1:443
CONNECTED(00000003)
depth=0 C = US, CN = ORname_Jungo: OpenRG Products Group
verify error:num=18:self signed certificate
verify return:1
depth=0 C = US, CN = ORname_Jungo: OpenRG Products Group
verify return:1
---
Certificate chain
 0 s:/C=US/CN=ORname_Jungo: OpenRG Products Group
   i:/C=US/CN=ORname_Jungo: OpenRG Products Group
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIClTCCAf6gAwIBAgIBADANBgkqhkiG9w0BAQQFADA7MQswCQYDVQQGEwJVUzEs
MCoGA1UEAxQjT1JuYW1lX0p1bmdvOiBPcGVuUkcgUHJvZHVjdHMgR3JvdXAwHhcN
MDQwNjAzMTExMTQzWhcNMjQwNTI5MTExMTQzWjA7MQswCQYDVQQGEwJVUzEsMCoG
A1UEAxQjT1JuYW1lX0p1bmdvOiBPcGVuUkcgUHJvZHVjdHMgR3JvdXAwgZ8wDQYJ
KoZIhvcNAQEBBQADgY0AMIGJAoGBAM49r7D/ajki5azd5XYxVcSnKoth9lJxvI+m
vaZjzORt0oLoMWrMbpwFjtLTqqhtWNeY6BAyShWg7yKFsPU0HpX/jHIOAzAkny5J
+loH8nLN596g3P0ZyD6z7Ckqgbzg9MfJ9XLrExMLBn6oLboksY+q67+5zASWMfLR
ZVg+Zv1VAgMBAAGjgagwgaUwDwYDVR0TBAgwBgEB/wIBBTALBgNVHQ8EBAMCAvQw
MQYDVR0lBCowKAYIKwYBBQUHAwIGCCsGAQUFBwMDBggrBgEFBQcDBAYIKwYBBQUH
AwEwPwYJYIZIAYb4QgENBDIWMEp1bmdvIE9wZW5SRyBQcm9kdWN0cyBHcm91cCBz
dGFuZGFyZCBjZXJ0aWZpY2F0ZTARBglghkgBhvhCAQEEBAMCAsQwDQYJKoZIhvcN
AQEEBQADgYEAntbWzY/kUhqtd5lN+ZEY2gYSkt9fWoiLZod9hgMs14I+JGRWuRD1
re93wvlF1FFvxJOkz2MLc0dkR0z0/W36z7Tw7ypJU/81dynta9yIWLSywdn1/Y6A
7V6BwyQFRuJlg2/nDP+tUltc6cXbUe8GdTm2IATAzER8OKGRbBMtXqs=
-----END CERTIFICATE-----
subject=/C=US/CN=ORname_Jungo: OpenRG Products Group
issuer=/C=US/CN=ORname_Jungo: OpenRG Products Group
---
No client certificate CA names sent
---
SSL handshake has read 827 bytes and written 424 bytes
---
New, TLSv1/SSLv3, Cipher is AES256-SHA
Server public key is 1024 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1
    Cipher    : AES256-SHA
    Session-ID: ...
    Session-ID-ctx:
    Master-Key: ...
    Start Time: 1367218703
    Timeout   : 300 (sec)
    Verify return code: 18 (self signed certificate)
---
DONE
$

On Mon, Apr 29, 2013 at 2:23 AM, Jeffrey Walton <noloader () gmail com> wrote:
Hi All,

I have Verizon service which provides an Actiontec gateway. The
gateway is model MI424WR, running firmware 40.20.1. ("Firmware Update"
claims it's up to date, even though there have been no updates for quite
some time, including patches to dhcp and libupnp).

Can anyone verify the certificate (and key pair) included with the
gateway is unique (or better, static)? Below are the thumbprints and
certificate details from OpenSSL after exporting the certificate (from
Firefox).

Bonus points: does anyone know how to generate a new certificate or
upload a new certificate? The Actiontec manual only mentions SSL
certificates when it says to ignore warnings and proceed because it's
safe [1] (seriously!).

Thanks
Jeff

[1] http://support.actiontec.com/doc_files/MI424WR_Vz_User_Manual_4.0.16.1.45.160_v4.pdf

$ openssl x509 -in ORname_Jungo\:OpenRGProductsGroup -noout -fingerprint
SHA1 Fingerprint=43:88:33:C0:94:F6:AF:C8:64:C6:0E:4A:6F:57:E9:F4:D1:28:14:11

$ openssl x509 -in ORname_Jungo\:OpenRGProductsGroup -noout -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 0 (0x0)
    Signature Algorithm: md5WithRSAEncryption
        Issuer: C=US, CN=ORname_Jungo: OpenRG Products Group
        Validity
            Not Before: Jun  3 11:11:43 2004 GMT
            Not After : May 29 11:11:43 2024 GMT
        Subject: C=US, CN=ORname_Jungo: OpenRG Products Group
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (1024 bit)
                Modulus:
                    00:ce:3d:af:b0:ff:6a:39:22:e5:ac:dd:e5:76:31:
                    55:c4:a7:2a:8b:61:f6:52:71:bc:8f:a6:bd:a6:63:
                    cc:e4:6d:d2:82:e8:31:6a:cc:6e:9c:05:8e:d2:d3:
                    aa:a8:6d:58:d7:98:e8:10:32:4a:15:a0:ef:22:85:
                    b0:f5:34:1e:95:ff:8c:72:0e:03:30:24:9f:2e:49:
                    fa:5a:07:f2:72:cd:e7:de:a0:dc:fd:19:c8:3e:b3:
                    ec:29:2a:81:bc:e0:f4:c7:c9:f5:72:eb:13:13:0b:
                    06:7e:a8:2d:ba:24:b1:8f:aa:eb:bf:b9:cc:04:96:
                    31:f2:d1:65:58:3e:66:fd:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints:
                CA:TRUE, pathlen:5
            X509v3 Key Usage:
                Digital Signature, Non Repudiation, Key Encipherment, Data Encipherment, Certificate Sign
            X509v3 Extended Key Usage:
                TLS Web Client Authentication, Code Signing, E-mail Protection, TLS Web Server Authentication
            Netscape Comment:
                Jungo OpenRG Products Group standard certificate
            Netscape Cert Type:
                SSL Client, SSL Server, SSL CA
    Signature Algorithm: md5WithRSAEncryption
         9e:d6:d6:cd:8f:e4:52:1a:ad:77:99:4d:f9:91:18:da:06:12:
         92:df:5f:5a:88:8b:66:87:7d:86:03:2c:d7:82:3e:24:64:56:
         b9:10:f5:ad:ef:77:c2:f9:45:d4:51:6f:c4:93:a4:cf:63:0b:
         73:47:64:47:4c:f4:fd:6d:fa:cf:b4:f0:ef:2a:49:53:ff:35:
         77:29:ed:6b:dc:88:58:b4:b2:c1:d9:f5:fd:8e:80:ed:5e:81:
         c3:24:05:46:e2:65:83:6f:e7:0c:ff:ad:52:5b:5c:e9:c5:db:
         51:ef:06:75:39:b6:20:04:c0:cc:44:7c:38:a1:91:6c:13:2d:
         5e:ab
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
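
Added example, not part of the original posts and not Actiontec or OpenSSL code: a small checker for the two questions raised in the thread. It reads an `openssl x509 -noout -text` dump and flags the properties visible in the output above, and it compares two `-fingerprint` lines to tell whether two gateways present the same static certificate. The function names, finding codes and policy thresholds are assumptions chosen for illustration.

```python
import re
from datetime import datetime
# Constructed input: excerpt of the `openssl x509 -noout -text` output quoted above.
SAMPLE_TEXT = """\
    Signature Algorithm: md5WithRSAEncryption
        Issuer: C=US, CN=ORname_Jungo: OpenRG Products Group
            Not Before: Jun  3 11:11:43 2004 GMT
            Not After : May 29 11:11:43 2024 GMT
        Subject: C=US, CN=ORname_Jungo: OpenRG Products Group
            Public Key Algorithm: rsaEncryption
                Public-Key: (1024 bit)
                CA:TRUE, pathlen:5
"""
# SHA-1 fingerprint line as posted in the message above.
POSTED_FP = "SHA1 Fingerprint=43:88:33:C0:94:F6:AF:C8:64:C6:0E:4A:6F:57:E9:F4:D1:28:14:11"
MIN_RSA_BITS, MAX_VALID_DAYS = 2048, 825   # assumptions: local policy thresholds
DATE_FMT = "%b %d %H:%M:%S %Y GMT"

def _field(text, label):
    # First value of a "Label: value" line in the dump, or None.
    m = re.search(rf"^[ \t]*{label}[ \t]*:[ \t]*(.+?)[ \t]*$", text, re.M)
    return m.group(1) if m else None

def audit(text):
    """Return finding codes for one `openssl x509 -text` dump."""
    findings = []
    if re.match(r"(md5|sha1)With", _field(text, "Signature Algorithm") or "", re.I):
        findings.append("weak-signature-hash")
    bits = re.search(r"Public-Key: \((\d+) bit\)", text)
    is_rsa = _field(text, "Public Key Algorithm") == "rsaEncryption"
    if is_rsa and bits and int(bits.group(1)) < MIN_RSA_BITS:
        findings.append("short-rsa-key")
    issuer = _field(text, "Issuer")
    if issuer and issuer == _field(text, "Subject"):   # self-issued: no outside CA
        findings.append("issuer-equals-subject")
    if re.search(r"\bCA:TRUE\b", text):                # key may sign other certificates
        findings.append("ca-capable")
    start, end = _field(text, "Not Before"), _field(text, "Not After")
    if start and end:
        days = (datetime.strptime(end, DATE_FMT) - datetime.strptime(start, DATE_FMT)).days
        if days > MAX_VALID_DAYS:
            findings.append("long-validity")
    return findings

def normalize_fp(fp):
    return re.sub(r"[^0-9a-f]", "", fp.split("=")[-1].lower())  # bare lowercase hex

def same_certificate(fp_a, fp_b):
    """True when two devices present the identical (shared, static) certificate."""
    return normalize_fp(fp_a) == normalize_fp(fp_b)
```

Run `audit()` on the dump from your own gateway and pass your own `-fingerprint` line to `same_certificate()` together with `POSTED_FP`; a match means both devices ship the same certificate.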

