UyeSee SoundMate M2 Wi-Fi Music Streaming Receiver allows you to wirelessly play audio files from your smartphone or computer to speakers connected to a 3.5mm jack or an audio receiver connected to the optical S/PDIF output of the device. The device itself is very small and fits in the palm of your hand. It looks really great, the aluminum housing giving you a genuine touch sensation of a premium quality product, and not compromising any details. The aluminum housing also ensures that the device will not get very hot during use. The mountable Wi-Fi antenna is another plus of this amazing music box, significantly increasing the range of action. It will even work in a car since it is powered via USB cable.

UyeSee SoundMate M2 Wi-Fi Music Streaming Receiver

1. Supports iOS/Android/Windows/MAC devices sharing music to SoundMate via WiFi
2. Support play the online and Local music from Internet
4. Support HIFI and lossless Music with Optical output
6. WiFi encryption by WPA, WPA2, WPA2 Mixed
7. iPhone, iPad, iPod touch can transmit and play the music without App
9. Free App for Android, iOS, Windows, MAC devices
11. Supports iPhone, iPad, iPod touch and Android device
12. Support Multi-people online, share music one by one
13. Multi-Environment: home, hotel, outside, in the car

Stay close, I will be back with a first impressions experience and a review for this device.

UyeSee SoundMate M2 specifications and features

1. Professional Router Chipset and Audio DAC
2. Compliant 802.11b/g/n standard (Max 150Mbps)
5. Supports Airplay audio format.

iOS devices: All DLNA and Airplay supported APP flac, ape
Android: All DLNA and Airplay supported APP

More details about UyeSee SoundMate M2 can be found here. You can buy UyeSee SoundMate M2 for only $37.80 with free shipping from here.

We recently decided to buy a music streamer, the Neet AirStream NAS1.1, so we could more easily broadcast Kiss from a Rose around the PTP office. Cheap and on the first page of Amazon results, it looked ideal for our purposes. The AirStream runs on a local Wi-Fi network, supporting Airplay and DLNA. You set up the server, and can send tunes from your phone to the server, whenever you're connected to the Wi-Fi. And like a lot of similar products on the market, it's also a little Linux box.

So let's see the ingredients here (and some of our immediate observations):

- Acts as an access point (which, at default configuration, is open).
- Has a user-facing web application for changing config settings (but no login functionality or HTTPS).
- Can be accessed if connected to its own AP or through the Wi-Fi network it's been connected to.
- Does system configuration settings (SSID, media server name, local Wi-Fi connection SSID & password) through a web API which sends XML-looking calls to a binary in the /cgi-bin folder.

Okay, so let's imagine that this has been set up properly. The user has got it through the post, turned it on, actually set up authentication on the AirStream itself, so it's not just left as an open AP (if it has been left as an open AP, hitting the telnet port with the undocumented default user/password of root/ifconfig (We know, sigh) will give us a shell). A normal user can't change these default credentials on the web app configuration page, so they're likely to stay default, making owning this device too easy and not fun.

Proof of Concept

STEP 1 – Identification for CSRF:

CSRF doesn't necessarily need to happen over the Internet: due to the way the device is made, our targeted user always has unauthenticated access to their web interface through their home/office LAN. So, we first identify a user connected either directly to their AirStream, or connected concurrently with their AirStream to the LAN. Then, since we don't know the actual IP of the AirStream on the LAN, we send our target user a link to a webpage which holds CSRF-spraying JavaScript.

Our proof of concept (PoC) page looks like this:

This JavaScript determines the IP range of the LAN using the browser and forces the browser to send HTTP GET requests all over the network, 192.168.0.0/24 (for example). It's a spray approach, which guarantees to eventually hit the AirStream device. To test this premise, we first exploited the combination of unauthenticated access to the web app alongside the POST/GET conversion. We crafted a GET request out of the POST request along with its parameters, which asks the settings binary to change the AP name and password. The GET request was then put into our JavaScript.