Forgot to mention.... You can get to the certificate via
https://192.168.1.1 (or similar), or OpenSSL's s_client. It should
look similar to below.

Jeff

$ echo "Get HTTP 1.0" | openssl s_client -connect 192.168.1.1:443
CONNECTED(00000003)
depth=0 C = US, CN = ORname_Jungo: OpenRG Products Group
verify error:num=18:self signed certificate
verify return:1
depth=0 C = US, CN = ORname_Jungo: OpenRG Products Group
verify return:1
---
Certificate chain
 0 s:/C=US/CN=ORname_Jungo: OpenRG Products Group
   i:/C=US/CN=ORname_Jungo: OpenRG Products Group
---
Server certificate
subject=/C=US/CN=ORname_Jungo: OpenRG Products Group
issuer=/C=US/CN=ORname_Jungo: OpenRG Products Group
---
No client certificate CA names sent
---
SSL handshake has read 827 bytes and written 424 bytes
---
New, TLSv1/SSLv3, Cipher is AES256-SHA
Server public key is 1024 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1
    Cipher    : AES256-SHA
    Session-ID: ...
    Session-ID-ctx:
    Master-Key: ...
    Start Time: 1367218703
    Timeout   : 300 (sec)
    Verify return code: 18 (self signed certificate)
---
DONE
$

On Mon, Apr 29, 2013 at 2:23 AM, Jeffrey Walton <[email protected]> wrote:
> Hi All,
>
> I have Verizon service which provides an Actiontec gateway. The
> gateway is model MI424WR, running firmware 40.20.1. ("Firmware Update"
> claims it's up to date, even though there have been no updates for quite
> some time, including patches to dhcp and libupnp).
>
> Can anyone verify the certificate (and key pair) included with the
> gateway is unique (or better, static)? Below are the thumbprints and
> certificate details from OpenSSL after exporting the certificate (from
> Firefox).
>
> Bonus points: does anyone know how to generate a new certificate or
> upload a new certificate? The Actiontec manual only mentions SSL
> certificates when it says to ignore warnings and proceed because it's
> safe [1] (seriously!).
>
> Thanks
> Jeff
>
> [1] http://support.actiontec.com/doc_files/MI424WR_Vz_User_Manual_4.0.16.1.45.160_v4.pdf
>
> $ openssl x509 -in ORname_Jungo\:OpenRGProductsGroup -noout -fingerprint
> SHA1 Fingerprint=43:88:33:C0:94:F6:AF:C8:64:C6:0E:4A:6F:57:E9:F4:D1:28:14:11
>
> $ openssl x509 -in ORname_Jungo\:OpenRGProductsGroup -noout -text
> Certificate:
>     Data:
>         Version: 3 (0x2)
>         Serial Number: 0 (0x0)
>     Signature Algorithm: md5WithRSAEncryption
>         Issuer: C=US, CN=ORname_Jungo: OpenRG Products Group
>         Validity
>             Not Before: Jun  3 11:11:43 2004 GMT
>             Not After : May 29 11:11:43 2024 GMT
>         Subject: C=US, CN=ORname_Jungo: OpenRG Products Group
>         Subject Public Key Info:
>             Public Key Algorithm: rsaEncryption
>                 Public-Key: (1024 bit)
>                 Modulus:
>                     00:ce:3d:af:b0:ff:6a:39:22:e5:ac:dd:e5:76:31:
>                     55:c4:a7:2a:8b:61:f6:52:71:bc:8f:a6:bd:a6:63:
>                     cc:e4:6d:d2:82:e8:31:6a:cc:6e:9c:05:8e:d2:d3:
>                     aa:a8:6d:58:d7:98:e8:10:32:4a:15:a0:ef:22:85:
>                     b0:f5:34:1e:95:ff:8c:72:0e:03:30:24:9f:2e:49:
>                     fa:5a:07:f2:72:cd:e7:de:a0:dc:fd:19:c8:3e:b3:
>                     ec:29:2a:81:bc:e0:f4:c7:c9:f5:72:eb:13:13:0b:
>                     06:7e:a8:2d:ba:24:b1:8f:aa:eb:bf:b9:cc:04:96:
>                     31:f2:d1:65:58:3e:66:fd:55
>                 Exponent: 65537 (0x10001)
>         X509v3 extensions:
>             X509v3 Basic Constraints:
>                 CA:TRUE, pathlen:5
>             X509v3 Key Usage:
>                 Digital Signature, Non Repudiation, Key Encipherment, Data Encipherment, Certificate Sign
>             X509v3 Extended Key Usage:
>                 TLS Web Client Authentication, Code Signing, E-mail Protection, TLS Web Server Authentication
>             Netscape Comment:
>                 Jungo OpenRG Products Group standard certificate
>             Netscape Cert Type:
>                 SSL Client, SSL Server, SSL CA
>     Signature Algorithm: md5WithRSAEncryption
>          9e:d6:d6:cd:8f:e4:52:1a:ad:77:99:4d:f9:91:18:da:06:12:
>          92:df:5f:5a:88:8b:66:87:7d:86:03:2c:d7:82:3e:24:64:56:
>          b9:10:f5:ad:ef:77:c2:f9:45:d4:51:6f:c4:93:a4:cf:63:0b:
>          73:47:64:47:4c:f4:fd:6d:fa:cf:b4:f0:ef:2a:49:53:ff:35:
>          77:29:ed:6b:dc:88:58:b4:b2:c1:d9:f5:fd:8e:80:ed:5e:81:
>          c3:24:05:46:e2:65:83:6f:e7:0c:ff:ad:52:5b:5c:e9:c5:db:
>          51:ef:06:75:39:b6:20:04:c0:cc:44:7c:38:a1:91:6c:13:2d:
>          5e:ab
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
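
An added example, not part of the original messages: a small Python audit of the `openssl x509 -noout -text` fields quoted in the thread, flagging the properties that bear on the question (MD5 signature, 1024-bit RSA key, identical subject and issuer, CA:TRUE, 20-year validity). The function names and the 2048-bit and 5-year thresholds are assumptions chosen for this illustration.

```python
import re
from datetime import datetime

# Excerpt of the `openssl x509 -noout -text` output quoted in the thread (key and signature bytes omitted).
CERT_TEXT = """\
Certificate:
    Data:
        Serial Number: 0 (0x0)
    Signature Algorithm: md5WithRSAEncryption
        Issuer: C=US, CN=ORname_Jungo: OpenRG Products Group
        Validity
            Not Before: Jun  3 11:11:43 2004 GMT
            Not After : May 29 11:11:43 2024 GMT
        Subject: C=US, CN=ORname_Jungo: OpenRG Products Group
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (1024 bit)
        X509v3 extensions:
            X509v3 Basic Constraints:
                CA:TRUE, pathlen:5
"""

def field(text, pattern):
    """Return the first capture group of pattern, or None if absent."""
    m = re.search(pattern, text, re.MULTILINE)
    return m.group(1).strip() if m else None

def audit(text):
    """Return a list of short finding codes for an openssl -text dump."""
    findings = []
    sig = field(text, r"Signature Algorithm:\s*(\S+)") or ""
    if re.match(r"(md5|sha1)", sig, re.IGNORECASE):
        findings.append("weak-signature-hash:" + sig)
    bits = field(text, r"Public-Key:\s*\((\d+) bit\)")
    if bits and "rsaEncryption" in text and int(bits) < 2048:  # assumed minimum
        findings.append("short-rsa-key:" + bits)
    issuer = field(text, r"^\s*Issuer:\s*(.+)$")
    subject = field(text, r"^\s*Subject:\s*(.+)$")
    if issuer and issuer == subject:
        findings.append("self-issued")
    if field(text, r"(CA:TRUE)"):  # a server certificate that can also sign others
        findings.append("ca-capable")
    fmt = "%b %d %H:%M:%S %Y GMT"
    nb, na = field(text, r"Not Before:\s*(.+)$"), field(text, r"Not After\s*:\s*(.+)$")
    if nb and na:
        years = (datetime.strptime(na, fmt) - datetime.strptime(nb, fmt)).days / 365.25
        if years > 5:  # assumed threshold for a device certificate
            findings.append("long-validity:%d-years" % round(years))
    return findings
```

Running `audit()` on the dump from each gateway and comparing the SHA1 fingerprints from `openssl x509 -noout -fingerprint` side by side answers the unique-versus-static question: identical fingerprints on two devices mean the same certificate.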
