- Videos 86
- Views 5,573,402
Matt Brown
Joined Aug 29, 2022
My name is Matt Brown and I'm a Hardware Security Researcher and Bug Bounty Hunter. This channel is a place where I share my knowledge and experience finding vulnerabilities in IoT systems.
- Soli Deo Gloria
Hacking a Crowdfunded IoT Security Box - UART and Firmware Extraction
Hacking an IoT security box... aka pure snail oil!
Come join us on Discord for some device hacking!
discord.gg/GjVxUnrQKC
Need IoT pentesting or reverse engineering services?
Please consider Brown Fine Security:
brownfinesecurity.com/
🛠️ Stuff I Use 🛠️
🪛 Tools:
Raspberry PI Pico: amzn.to/3XVMS3K
XGecu Universal Programmer: amzn.to/4dIhNWy
Multimeter: amzn.to/4b9cUUG
Power Supply: amzn.to/3QBNSpb
Oscilloscope: amzn.to/3UzoAZM
Logic Analyzer: amzn.to/4a9IfFu
USB UART Adapter: amzn.to/4h4G7DD
iFixit Toolkit: amzn.to/44tTjMB
🫠 Soldering & Hot Air Rework Tools:
Soldering Station: amzn.to/4dygJEv
Microsoldering Pencil: amzn.to/4dxPHwY
Microsoldering Tips: amzn.to/3QyKhrT
Rework Station: amzn.to/3JOPV5x
Air Extracti...
Views: 19,462
Videos
Open Source and Secure WiFi Router - OpenWrt One
62K views · 21 hours ago
OpenWrt One: amzn.to/4gh0608 OpenWrt Project: openwrt.org/start OpenWrt One Device Page: openwrt.org/toh/openwrt/one
Verizon ONT Firmware Analysis
17K views · 1 day ago
Chinese RedNote App Exposes Sensitive User Data
48K views · 14 days ago
Many TikTok users have flocked to the Chinese social media app RedNote. Are the risks worth it? News Article: www.forbes.com/sites/danidiplacido/2025/01/13/why-tiktok-users-are-turning-to-rednote-amid-the-ban-protest/ mitmrouter: github.com/nmatt0/mitmrouter certmitm: github.com/aapooksman/certmitm
100K Subs - Thank You!
7K views · 21 days ago
Verizon ONT Firmware Extraction
44K views · 21 days ago
My Disappointment Is Immeasurable And My Day Is Ruined
Public Video and Data Feeds of Highway License Plate Readers
705K views · 28 days ago
Do you think the government should be able to track license plates on this scale? Let me know in the comments! Pt 1: ruclips.net/video/yvINGzIa2fg/видео.html Pt 2: ruclips.net/video/BQTy9XVeSaE/видео.html EFF ALPR article: www.eff.org/deeplinks/2024/06/new-alpr-vulnerabilities-prove-mass-surveillance-public-safety-threat
Hacking a Motorola Automatic License Plate Reader - Unauthenticated Video Streams
49K views · 1 month ago
Previous ALPR vid: ruclips.net/video/yvINGzIa2fg/видео.html EFF ALPR article: www.eff.org/deeplinks/2024/06/new-alpr-vulnerabilities-prove-mass-surveillance-public-safety-threat
Hacking a Motorola Automatic License Plate Reader - Firmware Extraction and Password Cracking
167K views · 1 month ago
EFF ALPR article: www.eff.org/deeplinks/2024/06/new-alpr-vulnerabilities-prove-mass-surveillance-public-safety-threat RPI Compute Breakout Board: amzn.to/3PcUd9l Usbboot repo: github.com/raspberrypi/usbboot PCI Passthrough rabbit hole: wiki.archlinux.org/title/PCI_passthrough_via_OVMF Hashcat Examples Page: hashcat.net/wiki/doku.php?id=example_hashes
US Government to Ban TP-Link Devices - Live Hacking of a Chinese WiFi Router
1.5M views · 1 month ago
Forbes TP-Link article: www.forbes.com/sites/larsdaniel/2024/12/18/us-considers-ban-on-chinese-made-tp-link-routers-heres-why/ Hacking Team Hack Writeup: gist.github.com/jaredsburrows/9e121d2e5f1147ab12a696cf548b90b0 Minipro Repo: gitlab.com/DavidGriffith/minipro
In-Circuit Firmware Extraction with the CH341A - The Poor Man’s Flash Programmer
28K views · 1 month ago
CH341A Flash Programmer: amzn.to/3VEJbxe Software: wiki.flashrom.org/Flashrom
Firmware Extraction and Hardcoded Password Discovery - Hacking the Mercusys MB110
34K views · 1 month ago
Minipro software: gitlab.com/DavidGriffith/minipro
Accessing UART Console on 4G LTE Router - Hacking the Mercusys MB110
22K views · 1 month ago
Previous glitching video: ruclips.net/video/F-G-7-qo7Xg/видео.html
Persistent Shells and SSL Decryption - Raw Look at TP-Link Camera Hacking
20K views · 1 month ago
Persistent Root Shell via IoT Firmware Modification - Rooting a TP-Link Security Camera
25K views · 2 months ago
Glitching Linux Bootloader for Shells and Freedom - Rooting a TP-Link Security Camera
42K views · 2 months ago
Open Source Flash Programmer Software - minipro FTW
15K views · 3 months ago
Hacking Time - Discussing the Bug Class that Earned Me 5-Figures
11K views · 3 months ago
Chip Off Firmware Extraction - Hacking the Totolink WiFi Router
47K views · 3 months ago
Top 5 Tools for IoT Hacking Beginners
26K views · 3 months ago
Make Binwalk Fast Again - Rust Rewrite of Binwalk is in Beta
15K views · 3 months ago
Discovering Backdoor in Chinese Router Firmware Update Server - Hacking the Totolink WiFi Router
39K views · 3 months ago
UART Root Shell on Linux Router - Hacking the Totolink WiFi Router
22K views · 4 months ago
Using Linux to Intercept IoT Device Traffic
18K views · 5 months ago
Hacking a Chinese Medical Device via Bluetooth - iHealth Nexus Pro Scale
26K views · 5 months ago
Intercepting Mobile Traffic with Caido and Frida - iHealth Nexus Pro Scale
15K views · 5 months ago
Siglent SDM3045X Multimeter - with Custom OBS Overlay
7K views · 5 months ago
Statistical Attacks on Proprietary Encryption - Hacking the VStarcam CB73 Security Camera
19K views · 5 months ago
One way to do it in failsafe mode to have root shell is: mount_root, passwd -d root, reboot. You can change root to any username.
Us market so suck it's own 🍆
Woohoo found a license plate number on a camera 🎉🎉🎉 notify me when you have owner registration status and addresses otherwise waste of time.
If you’re driving a newer vehicle, your vehicle is sending data back to the manufacturer on the car company about every move you make, and knows how fast you’re going. When you slow down where you slow down at it’s got GPS on it. Remember the murder trial they had him slowing down at the river, and that’s where her phone disappeared, that was the last place they had a tag on it. I don’t know what happened to it after he slowed down right there by the river they assume it’s somewhere in the river
What’s really shocking is how many of you who watch this video have no clue of the rights that you have or don’t have in public and lotta you don’t even realize that they’re being violated every single day and no one‘s being held accountable for it but when you get pulled over, you see those red blue lights you just apply you do whatever they tell you and that’s just ridiculous. Don’t comply when you go into a public building and they want you to leave your phone in your gun in the car then the only people in the government building who have guns are the government who’s the hostage now?
They use them for Geo fencing, which is illegal rule, but they still use them
Could you make tutorial on one of the 5G CPE devices
IR illumination even when there is no light. Then why on earth do we get busted for a license plate bulb not working? Probable cause maybe?
You'd think they'd be behind some layer of filtration simply to prevent malicious attacks to disable them. I assume if you can connect on all those ports, that management access isn't filtered or restricted by IP address.
It's not the public I worry about it's the government that's got to set up in the first place. That's the problem
simply because TP-Link is FAR BETTER than US products...
I got the Hakko FM2023 mini hot tweezers years ago. Waste of money without preheat of board + components. The old FX951 sits beside my FM203 running those tweezers, FM2032 and FM2027 and desoldering stuff. All Hakko. I bought all-in. it's served my business well, paid for themselves. Except for the mini hot tweezers. For the most part it's a joke: One tip is hot and the other tip isn't.
Do those chinese power supplies perform reliably?
I would love to see a video on extracting firmware from an eero router. My fiber provider tries to push the eero onto customers because they have a custom firmware for it that gives them a backdoor to customers networks and I think like most things isp related it likely isn’t the most secure .
What was the password
The login info is username:superadmin Password Y_qKrIrTQyp_
It's absolutely a big deal that they are leaking this data. Thank you for exposing this. Great video
Banned from what? How would ANYONE know what I have or USE in this thing called the privacy OF MY HOME? What if I just put a network device between the TP-Link router and the cable internet modem? I can then disable/control the host log-in address from ever appearing on MY NETWORK. I can change the SSID names. How could "a ban" ever be enforced?
Most TP-Link routers have an emergency TFTP flash mode, you can flash OpenWRT or whatever you like without JTAG, UART, EEPROM programmers...
Before we even get into the weeds about what BS this device is, can we take a moment to cringe at all the wasted space in that enclosure. It's much larger than it needs to be. Then we can take a moment to appreciate that the OpenWrt banner used to have cocktail recipes while also noting that this version is more than 10 years old.
Awesome tip for googling the hash Matt. That just went woosh plain over the top till you mentioned that. Thanks 👍
American lies American lies inventions
... good lord, dammit, a classic case of pointless fuss for the sake of producing junk for YouTube.
You should make a video on how to keep these devices from reaching out to the internet
Matt, this was super interesting! Hardware hacking is a topic which doesn't get much attention
I was an OpenWRT on cheap TP-Link router guy. Unfortunately, the lack of open source drivers for modern broadcom and realtek radios made that approach a dead end. Thankfully, MediaTek stepped up with modern radios with mainline linux support. I like the banana pi router boards, including the openwrt one. I ended up getting a new asus ax6000 tuf gaming router with mainline openwrt support for a great price. it's great to see openwrt going strong.
liked the way is edited, is more natural to see doubts and thinking moments, is the real way of working behind the camera.
Is the firmware analysis in the room with us right now?
I wonder if that domain is up for grabs free back door
Why did you have to unsquash, didn't binwalk already extract?
Yeah all law enforcement should have since people don't want to give any information not even ID let alone insurance...stop all the hassle they only stop you if there is a red flag on your plate
Hmm... so an attacker is going to gain entry into my house, gain physical access to my tp-link router that is operating in bridge mode that sits my crappy cisco asa firewall, take out the board, de-soldered the flash chip on it, plug it into a reader so they can get access to my password while staring down my cane corso. Okay, ban the device.
Sometimes you have to realize that when you've come up with the same information that everybody else could see with their own two eyes, that you're a nerd. I've seen this kid at his real job. He works at Walmart as a security guard.
I feel bad for the guy in Taiwan...
you are covered. lv your passion and analysis
I will buy OpenWRT Ten. By then they will make the product mature.
38:32 could the daemon.bak be the same file that the device downloads from the servers
I'm going to have to try that drink that it lists on boot :)
The tools to put that chip back on the board are like $5 more dollars from what you already have. All you need is the reball stencil and solder paste, then just hit it with the hot air.
Hey Matt I just bought a ryoko router do I have to worry about it looking into my bank account.??
I used to love open source projects. But now they’re all being scraped into training AI to replace programmers and I’m tired of being my own tech support. Just buy from a reliable US based company run by real Americans ( or whatever country you live in).
problem is you are not a true hacker; only a true hacker unbound by rules and restriction can hack and is a master of UNIX.....
Could you please show how to get the XGecu software running in wine? Or maybe point out to some documentation? I own a T48 and it really sucks always having to dual boot Windows or start a VM to use it. I tried to get it working in Wine a while ago but did not have any success.
Is this User Error? Can Setup Prevent user error by requiring the admin pass be changed before data can pass from the Wan to the Lan? OR as we have seen in some devices are hidden/diagnostic Backdoors being opened to allow access and the user can not close them. What you have shown is not dramatic or proof of evil doing by the manufacturer but it might be dangerous. But is it any different than the normal operation of Windows that exposes your device, logs data, transfers data which you can not prevent. There needs to be privacy standards and security standards for the future... but what you have shown isn't as malicious as what we have seen from some manufacturers intentionally opening doors that can't be closed... .. Just like we are fighting for the freedom to Repair our own devices like iPhones or even Caterpillar Tractors we should fight for the ability to completely shut any door or phone home or memory dump sent to manufacturers for their "testing" or Tracking of our use of our local devices or the connections they make to remote devices like browsing on the web.. AND THEN a subject no one talks about... YOUR ISP IS TRACKING EVERY CLICK YOU MAKE AND CACHING IT... Squid Servers, DNS Caching and so many ways... AND even if you Air Gap your computer there is the possibility to run exploits across that air gap... ....... Its more than I care to know.. but its all real... they can even get you across an Air Gap so you're basically fucked.... HOWEVER IT ALL COMES DOWN TO ... is this User Error? that maybe can be prevented with better setups.. Is this 100% intentionally Malicious? is this incompetence? or is it the fact that every device can be exploited if enough effort is put forth... ........... What you showed was cute.. and you can write ip range scanners to find systems that go beyond some website lookup.. but ... also please don't expose system IPs you find on those searches even if everyone else can.. you showed an IP supposedly in Taiwan that was open .. 
this video has been seen by 1.4 million people... not a good thing to do .. its like opening Google Maps showing a home and saying... They leave their doors unlocked .. maybe they do but maybe 1.4 Million people didn't know that who now do.
I feel stupider each time I see a video.. Just when I think I figured something out. I watch a new video and go.. nope.. back to basic.. looking at back doors in my own routers and cameras..
It only has dual band WiFi 6? That’s a no from me.
I have no idea what language you just spoke 😁 im 💯 confused, but even I can see how vulnerable people are as well as how bad these units are. Its almost like they are designed to be utilized in this manner. Crazy stuff just subbed 👊🏻💯
Hmm, I commented on this video a few days ago, but that comment seems to have been removed as it doesn't even show up in my comment history. I included a link to FCC documents then, may be why. Anyway, Matt, you should dig deeper into what the firmware actually is up to. The more I look into it, the weirder it gets. TrustPilot is full of 1-star reviews, with some people claiming to have been hacked multiple times after installing the device on their network, and the internals and details on how it is supposed to work are classified. The device has direct links to Russia, China and Israel, so this may have been a trojan horse of sorts, rather than simply snake-oil. Either for spying and exfiltration, or as an egress point for tunneling traffic.
What kind of devices can be used to counter the technology on a daily basis for the reasonable citizen
Nice video! I hope this project can grow much more. Do you know what is the range of the wireless connection?