funsec mailing list archives
Re: Verizon Service, Actiontec Gateway, and SSL Certificate
From: Jeffrey Walton <noloader () gmail com>
Date: Mon, 29 Apr 2013 03:00:49 -0400
Forgot to mention.... You can get to the certificate via https://192.168.1.1 (or similar), or OpenSSL's s_client. It should look similar to below.

Jeff

$ echo "Get HTTP 1.0" | openssl s_client -connect 192.168.1.1:443
CONNECTED(00000003)
depth=0 C = US, CN = ORname_Jungo: OpenRG Products Group
verify error:num=18:self signed certificate
verify return:1
depth=0 C = US, CN = ORname_Jungo: OpenRG Products Group
verify return:1
---
Certificate chain
 0 s:/C=US/CN=ORname_Jungo: OpenRG Products Group
   i:/C=US/CN=ORname_Jungo: OpenRG Products Group
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIClTCCAf6gAwIBAgIBADANBgkqhkiG9w0BAQQFADA7MQswCQYDVQQGEwJVUzEs
MCoGA1UEAxQjT1JuYW1lX0p1bmdvOiBPcGVuUkcgUHJvZHVjdHMgR3JvdXAwHhcN
MDQwNjAzMTExMTQzWhcNMjQwNTI5MTExMTQzWjA7MQswCQYDVQQGEwJVUzEsMCoG
A1UEAxQjT1JuYW1lX0p1bmdvOiBPcGVuUkcgUHJvZHVjdHMgR3JvdXAwgZ8wDQYJ
KoZIhvcNAQEBBQADgY0AMIGJAoGBAM49r7D/ajki5azd5XYxVcSnKoth9lJxvI+m
vaZjzORt0oLoMWrMbpwFjtLTqqhtWNeY6BAyShWg7yKFsPU0HpX/jHIOAzAkny5J
+loH8nLN596g3P0ZyD6z7Ckqgbzg9MfJ9XLrExMLBn6oLboksY+q67+5zASWMfLR
ZVg+Zv1VAgMBAAGjgagwgaUwDwYDVR0TBAgwBgEB/wIBBTALBgNVHQ8EBAMCAvQw
MQYDVR0lBCowKAYIKwYBBQUHAwIGCCsGAQUFBwMDBggrBgEFBQcDBAYIKwYBBQUH
AwEwPwYJYIZIAYb4QgENBDIWMEp1bmdvIE9wZW5SRyBQcm9kdWN0cyBHcm91cCBz
dGFuZGFyZCBjZXJ0aWZpY2F0ZTARBglghkgBhvhCAQEEBAMCAsQwDQYJKoZIhvcN
AQEEBQADgYEAntbWzY/kUhqtd5lN+ZEY2gYSkt9fWoiLZod9hgMs14I+JGRWuRD1
re93wvlF1FFvxJOkz2MLc0dkR0z0/W36z7Tw7ypJU/81dynta9yIWLSywdn1/Y6A
7V6BwyQFRuJlg2/nDP+tUltc6cXbUe8GdTm2IATAzER8OKGRbBMtXqs=
-----END CERTIFICATE-----
subject=/C=US/CN=ORname_Jungo: OpenRG Products Group
issuer=/C=US/CN=ORname_Jungo: OpenRG Products Group
---
No client certificate CA names sent
---
SSL handshake has read 827 bytes and written 424 bytes
---
New, TLSv1/SSLv3, Cipher is AES256-SHA
Server public key is 1024 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1
    Cipher    : AES256-SHA
    Session-ID: ...
    Session-ID-ctx:
    Master-Key: ...
    Start Time: 1367218703
    Timeout   : 300 (sec)
    Verify return code: 18 (self signed certificate)
---
DONE
$

On Mon, Apr 29, 2013 at 2:23 AM, Jeffrey Walton <noloader () gmail com> wrote:
Hi All,

I have Verizon service which provides an Actiontec gateway. The gateway is model MI424WR, running firmware 40.20.1. ("Firmware Update" claims it's up to date, even though there's been no updates for quite some time, including patches to dhcp and libupnp).

Can anyone verify the certificate (and key pair) included with the gateway is unique (or better, static)? Below are the thumbprints and certificate details from OpenSSL after exporting the certificate (from Firefox).

Bonus points: does anyone know how to generate a new certificate or upload a new certificate? The Actiontec manual only mentions SSL certificates when it says to ignore warnings and proceed because it's safe [1] (seriously!).

Thanks
Jeff

[1] http://support.actiontec.com/doc_files/MI424WR_Vz_User_Manual_4.0.16.1.45.160_v4.pdf

$ openssl x509 -in ORname_Jungo\:OpenRGProductsGroup -noout -fingerprint
SHA1 Fingerprint=43:88:33:C0:94:F6:AF:C8:64:C6:0E:4A:6F:57:E9:F4:D1:28:14:11

$ openssl x509 -in ORname_Jungo\:OpenRGProductsGroup -noout -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 0 (0x0)
    Signature Algorithm: md5WithRSAEncryption
        Issuer: C=US, CN=ORname_Jungo: OpenRG Products Group
        Validity
            Not Before: Jun 3 11:11:43 2004 GMT
            Not After : May 29 11:11:43 2024 GMT
        Subject: C=US, CN=ORname_Jungo: OpenRG Products Group
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (1024 bit)
                Modulus:
                    00:ce:3d:af:b0:ff:6a:39:22:e5:ac:dd:e5:76:31:
                    55:c4:a7:2a:8b:61:f6:52:71:bc:8f:a6:bd:a6:63:
                    cc:e4:6d:d2:82:e8:31:6a:cc:6e:9c:05:8e:d2:d3:
                    aa:a8:6d:58:d7:98:e8:10:32:4a:15:a0:ef:22:85:
                    b0:f5:34:1e:95:ff:8c:72:0e:03:30:24:9f:2e:49:
                    fa:5a:07:f2:72:cd:e7:de:a0:dc:fd:19:c8:3e:b3:
                    ec:29:2a:81:bc:e0:f4:c7:c9:f5:72:eb:13:13:0b:
                    06:7e:a8:2d:ba:24:b1:8f:aa:eb:bf:b9:cc:04:96:
                    31:f2:d1:65:58:3e:66:fd:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints:
                CA:TRUE, pathlen:5
            X509v3 Key Usage:
                Digital Signature, Non Repudiation, Key Encipherment, Data Encipherment, Certificate Sign
            X509v3 Extended Key Usage:
                TLS Web Client Authentication, Code Signing, E-mail Protection, TLS Web Server Authentication
            Netscape Comment:
                Jungo OpenRG Products Group standard certificate
            Netscape Cert Type:
                SSL Client, SSL Server, SSL CA
    Signature Algorithm: md5WithRSAEncryption
         9e:d6:d6:cd:8f:e4:52:1a:ad:77:99:4d:f9:91:18:da:06:12:
         92:df:5f:5a:88:8b:66:87:7d:86:03:2c:d7:82:3e:24:64:56:
         b9:10:f5:ad:ef:77:c2:f9:45:d4:51:6f:c4:93:a4:cf:63:0b:
         73:47:64:47:4c:f4:fd:6d:fa:cf:b4:f0:ef:2a:49:53:ff:35:
         77:29:ed:6b:dc:88:58:b4:b2:c1:d9:f5:fd:8e:80:ed:5e:81:
         c3:24:05:46:e2:65:83:6f:e7:0c:ff:ad:52:5b:5c:e9:c5:db:
         51:ef:06:75:39:b6:20:04:c0:cc:44:7c:38:a1:91:6c:13:2d:
         5e:ab
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
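
An added example, not part of the original messages: shell functions for the question asked in the thread. They compare a gateway's certificate fingerprint with the one posted above and flag the properties visible in the quoted certificate text (self-signed, MD5 signature, 1024-bit key, CA flag). The function names and finding labels are this example's own, and the sample text is trimmed from the thread.

```sh
#!/bin/sh
# SHA-1 fingerprint of the MI424WR certificate as posted in this thread.
POSTED_FP='43:88:33:C0:94:F6:AF:C8:64:C6:0E:4A:6F:57:E9:F4:D1:28:14:11'

# Reduce "SHA1 Fingerprint=AA:BB:..." (or a bare fingerprint) to lowercase hex.
normalize_fp() {
  printf '%s\n' "$1" | sed 's/^.*=//' | tr -d ': \t' | tr 'A-F' 'a-f'
}

# True when a fingerprint equals the posted one: the unit serves the same
# static certificate (and so the same private key) rather than its own.
is_shared_cert() {
  [ "$(normalize_fp "$1")" = "$(normalize_fp "$POSTED_FP")" ]
}

# Read `openssl x509 -noout -text` output on stdin, print one finding per line.
audit_cert_text() {
  awk '
    /^ *Issuer:/           { sub(/^ *Issuer: */, "");  issuer = $0;  next }
    /^ *Subject:/          { sub(/^ *Subject: */, ""); subject = $0; next }
    /Signature Algorithm:/ { sub(/^.*Signature Algorithm: */, ""); sigalg = $0; next }
    /Public-Key:/          { bits = $0; gsub(/[^0-9]/, "", bits); next }
    /CA:TRUE/              { ca = 1 }
    END {
      if (issuer != "" && issuer == subject) print "self-signed"
      if (sigalg ~ /^(md5|sha1)/)            print "weak-signature:" sigalg
      if (bits != "" && bits + 0 < 2048)     print "weak-key:" bits
      if (ca)                                print "ca-flag-set"
    }'
}

# Excerpt of the certificate text quoted in the thread, trimmed for the demo.
sample_text() {
  cat <<'EOF'
    Signature Algorithm: md5WithRSAEncryption
    Issuer: C=US, CN=ORname_Jungo: OpenRG Products Group
    Subject: C=US, CN=ORname_Jungo: OpenRG Products Group
    Subject Public Key Info:
        Public-Key: (1024 bit)
        X509v3 Basic Constraints:
            CA:TRUE, pathlen:5
EOF
}

sample_text | audit_cert_text
# Against your own gateway (needs network access):
#   pem=$(openssl s_client -connect 192.168.1.1:443 </dev/null 2>/dev/null)
#   is_shared_cert "$(printf '%s\n' "$pem" | openssl x509 -noout -fingerprint -sha1)"
#   printf '%s\n' "$pem" | openssl x509 -noout -text | audit_cert_text
```

A match from is_shared_cert on a second MI424WR means both units present the same certificate, which answers the "unique or static" question for that pair of devices.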