Sep 15, 2018

PLDT HOME Fibr ONU Vulnerable

So long I have no any article posted on my blog a busy man like me who has two angel keeps on following on me is so difficult to be a freeman again to hang on the net for long hours. I have stumbled upon around hopping by hop, sniffing on what is going on to the PLDT HOME Fibr Optical Network Unit after I disclosed the credentials of the  "admin account unavailable" to make available it seems like smell fishy going around after they mass update the Fiberhome AN5506-04-XXX  recently.

I still went on and try to see if this is really happening by accident or by chance that the PLDT HOME Fibr subscriber ONT device information page is been there exposed to the public network and can be seen without any authentications needed, you do not need the PLDT FiberhomeSuperAdmin account or the adminpldt to open it. Upon scanning is going thru I found PLDT Fiberhome AN5506-04-F software version RP2658 is already naked to the internet, in one subnet I found one and in another subnet I found two. I am not sure if these people who owns the said AN5506-04-F is aware of it, I guess they are also trying to open their device serial communication port to gain the access of the PLDT HOME Fibr "admin account unavailable" to make it available because its on trending today on the Netizen forum that the adminplt full access is back again since the first week of September 2018.

To ordinary people like me if my phone number is being publicize to the whole world it is worthless what they gonna do with that telephone number do they can make money with it? Are you going to jail? Oh I see, there you are, YES you can go to jail if  your  residential landline identity will be used for any illegal activity masking it to the other ONU/ONT as if it is YOU will pretend to be the DOER, your phone line identity number can be spoof to the other PLDT ONU/ONT such as to any AN5506-XX-XXX for as long as the device is hook to the PLDT network it will work and can make the CALL. You knew it right you are already diving into their palace.

Enough for the slides, I intentionally blurred those information on the screenshot for the security reason. If you wish to obtain one of those above feel free to swim to the PLDT HOME Fibr networks.

I do not know if this is a sabotage of the co-employees of the PLDT company who demanded for regular position because of their long history contractualization its for another topic. As you have witnessed its not only the mac addresses of the connected client that is being compromised but also the telephone number. I heard about HTTP injection how true is it, and what about the DNS hijacking? Well lets take it to another story when we have more time to write. But wait a minute we are not done yet, am I excuse to this PLDT HOME Fibr ONU/ONT exploitation? Lets take a walk thru it WANs will investigate if my Fiberhome AN5506-04-FA software version RP2627 is also affected by this so called nakedness.

By using the same procedure sniffing on the WAN side of the ONU/ONT from the public network there is no difference with the above mention PLDT Fiberhome ONU AN5506-04-F software version RP2658, the subscriber information are always compromise and its not guaranteed that you are on safe hand. If this is not a sabotage then there is another implication of web page disclosure to everybody on the net. Perhaps the Engineering Technical Team of the PLDT company is tired of being requested to task the switching of the subscriber ONU from Routing Mode to Bridge Mode from enabling it to disabling it more over specially when you demand and request to waive the adminpldt "admin account unavailable" to be available. Perhaps this is also to lure the client of the PLDT HOME Fibr that indicating that if the AN5506-04-XXX series ONU is on routing mode its mode prone to exploits unlike if it is on bridge mode it will appear to more safer. In addition, Yes that is more favorable to the PLDT as a whole it will lessen their headache not only that but  rather a discounted bandwidth for every internet fiber broadband subscriber allocated speed.

You said it right, including me, see that! Take a look at it closer, zoom it, that is my homephone line identity number. You can dial it from anywhere, "your monthly bill is our priority we do not care about your security whether you like it or not, its only PLDT and GLOBE where you can choose from". I heard it right Sir!

Worst from what you are expecting, you can swallow your PLDT "fiberhomesuperadmin" account now its not needed, the FTP Server will not ask you that to login and it can be open from any of your favorite browser, begging the "waiver" for obtaining the permission of the adminpldt "admin account unavailable" to be granted is no longer required the FTP Server will not ask for username and password anymore. Now you are thinking if you want to be in Bridge Mode that will lock you down to your throat squeezing your allotted bandwidth as possible to 30% that you can use out of your 100% speed limit. Or stick on Routing Mode make your AN5506-04-XXX series be the public WiFi access point of your neighbor give them a FREE access of your internet without your knowing? But then what solution can I offer to my reader regarding on this matter that will hamper you as a subscriber of the PLDT HOME Fiber internet broadband.

Answer, I can not provide any either solution or suggestion  unless you are the NTC  to tell this Giant Telco to fix their bugs before those man hatted will misused leak information above mention.


Post a Comment