Best Buy's Uber Insecurity

by skilar  (skilar@linux.net)

As consumers, most of us are familiar with Best Buy.

As hackers, most of us are familiar with the insecurities of wireless routers and networks.  This article will describe the combination of the two and how that mixture is to Best Buy's disadvantage.

Getting Around the Best Buy Interface

So you are on one of the laptops in Best Buy but all you can use is that pesky thing I like to call the "Best Buy Interface."

You can browse some products, get information about the parts of a computer, and basically do anything but mess with Windows.  This interface is extremely easy to escape from and is virtually useless in protecting anything on the computer.

All it took was a little messing around in the interface to find out that in the top-right of the screen there were six letters that you could click on.  This would minimize the interface and give you full access to that machine.

Getting Access to the Web

Once I had access to the entire box, I decided that some exploring was in order.

First I fired up Internet Explorer.  The homepage, emachines.com, didn't load but brought up an error.

No other pages would load either.  I doubled-checked that the machine had a wireless card and that it was connected to the network, which it was.  The thing I didn't know however was why I couldn't access the Internet.

To figure this out, I opened up CMD.EXE and ran IPCONFIG.  This brought back the following data:

C:\Documents and Settings\BestBuy> ipconfig Windows IP Configuration Ethernet adapter Wireless Network Connection: Connection-specific DNS Suffix . : IP Address. . . . . . . : 192.168.0.104 Subnet Mask . . . . . . : 255.255.255.0 Default Gateway . . . . : 192.168.0.1 C:\Documents and Settings\BestBuy>

After seeing this, I was positive that the machine was actually connected to Best Buy's wireless network and that it should be able to access the Internet.

Messing With the Router

Since I knew I should have access to the Internet, I thought that perhaps the problem was a setting in their router.

In Internet Explorer, I entered the default gateway address, or: 192.168.0.1

After pressing Enter, a basic authentication box popped up with the User Name: and Password: input fields.  Naturally, I entered admin and the user and no password.

Amazingly, Best Buy had not changed the password on their router and I was presented with the router's administrative page.  As I toyed with their settings I noticed some blocked ports, with 80 being included.  This was the source of my problem.  I unblocked all of the ports, and then I was granted access to the Internet.

Final Thoughts

Wireless networks are insecure in general, but one would think that a company like Best Buy would actually have changed the password on their router.

This just reinforces the fact that anyone's network could be insecure, even large corporations.

Thanks to Shift788 for checking this out in a second location.

Greetz: yellog, I03rr0r, kobs, eddie, and the NixSec crew.