Title: Hacking ASIC Innosilicon Miner Post by: bbritva on February 19, 2018, 08:22:18 PM Ulnerability in ASIC Miners Innosilicon allows you to bypass the administrator password check and change the pool settings.
Attack is done through the web panel. By default, you need to go to the /html/generalsetup.html page to configure the pool, if you were not previously authorized, you will be automatically transferred to the /html/login.html login page. When examining the pool settings page /html/generalsetup.html, the following code was found: Code: var islogin = getcookie('login'); This javascript code checks the presence of the 'login' cookie in the user's browser, if the cookie is not present, then redirects to the Login page. By adding the cookie name = 'login' value = 'true' manually, you can bypass the administrator password check and change the pool settings. This vulnerability exists on all versions of Innosilicon ASIC firmware with this interface: http://ipic.su/img/img7/fs/asic.1519071360.jpg To search for ASIC, it is possible to use censys.io with the query 'Miner Console' http://ipic.su/img/img7/fs/minerconsole.1519071271.jpg Please donate: BTC 1DJKmpCVGqyDZ2XgjQxKJgVa7V1JrJ3qAj LTC LgAJKkXT8GHSdwbb3qVWkaWfJbgLxetfqH Title: Re: Hacking ASIC Innosilicon Miner Post by: ccgllc on February 20, 2018, 07:18:32 PM Good info.
Bitmain Antminers are just as bad, with the API userid/password & port hardcoded into the firmware. It is why you NEVER want to run an Antminer (or apparently an Innosilicon) directly connected to the Internet. It will be hacked and mining for others within minutes. |