BT Home Flub: Pwnin the BT Home Hub

[NewsreadeR]

BT’s plan is to sneak one of these boxes into every UK home. Not only does the BT Home Hub support broadband but also VoIP (BT Broadband Talk), UMA mobile telephony (BT Fusion), and digital TV (BT Vision). Additionally BT will give users the option to use their BT Home Hub to join FON, a community-shared Wi-Fi. An unofficial source has reported us that there are 2+ million BT Home Hub users in the UK.

If you’re thinking: “well I’m not based in the UK so this research doesn’t concern me”, then think again! The BT Home Hub is just a Thomson/Alcatel Speedtouch 7G router. Furthermore, the vulnerabilities we found are most likely present in other Speedtouch models due to code reuse (more on that later).

So what can we do? Well, we can fully own the router remotely. At the moment we have three demo exploits which do the following:

* enable backdoor in order to control the router remotely
* disable wireless completely (can only be re-enabled if the user is technically capable)
* steal the WEP/WPA key

BT Home Flub: Pwnin the BT Home Hub | GNUCITIZEN

[Alan b]

How can they possibly get these into every home if firstly not everyone is with BT and secondly not everyone will have an interet in this purely because they might not have a wireless router to start with and will not want to pay again for one.

[edd2]

Hello,
Does anybody know if you can use the sky Netgear DG834GT on BT Broadband? My sister-in-law has just moved to BT from Sky and they have told her the sky box should work OK!

Thanks for any help

Edd2