Arris Tg862a

[Melanie Wendelberger]

Ifthe generated code dint work please dont leave a bad feedback, consult with the creator of the original code @ . I only made the android port, and update it as soon as the github sources are updated.

Arris POD is a free app for Android published in the System Maintenance list of apps, part of System Utilities.

The company that develops Arris POD is Harry Gonzalez. The latest version released by its developer is 1.0.

To install Arris POD on your Android device, just click the green Continue To App button above to start the installation process. The app is listed on our website since 2014-02-16 and was downloaded 28 times. We have already checked if the download link is safe, however for your own protection we recommend that you scan the downloaded app with your antivirus. Your antivirus may detect the Arris POD as malware as malware if the download link to me.harrygonzalez.arrispod is broken.

How to install Arris POD on your Android device:Click on the Continue To App button on our website. This will redirect you to Google Play.Once the Arris POD is shown in the Google Play listing of your Android device, you can start its download and installation. Tap on the Install button located below the search bar and to the right of the app icon.A pop-up window with the permissions required by Arris POD will be shown. Click on Accept to continue the process.Arris POD will be downloaded onto your device, displaying a progress. Once the download completes, the installation will start and you'll get a notification after the installation is finished.

Bernardo Rodrigues, a Brazilian security researcher, said that he uncovered not one, but two backdoors in some Arris cable modems (TG862A, TG862G, DG860A). Over 600,000 cable customers are affected by this, and according to Rodrigues, the vendor hasn't committed to fixing the software flaws yet. Arris cable modems are used by some of the largest U.S. ISPs, including Comcast, Time Warner Cable, Charter and Cox.

The firmware of the cable modems in question came with an undocumented "libarris_password.so" library that acted as a backdoor by allowing privileged account logins with a different custom password for each day of the year. This backdoor actually dates to 2009, but Arris never fixed it.

When users or attackers exploit this backdoor, they can access the modem through SSH or Telnet ports over a hidden HTTP administrative interface. The default password for the SSH user "root" is "arris." When SSH or Telnet sessions were created, the system launched a "mini_cli" shell that asked for the backdoor's password.

While the researcher was analyzing the backdoor, he discovered that there was another backdoor inside the first backdoor. This second backdoor could be accessed through SSH/Telnet by using the last five digits of the modem's serial number as its password. Once accessed, a full busybox session is opened, giving the attackers even more capabilities.

Rodrigues was asked by the vendor not to disclose the password generating algorithm, but he didn't think this will do much to slow down attackers, considering the extent of the vulnerabilities in these Arris cable modems.

Rodrigues reported the vulnerabilities to the CERT/CC, a major center for addressing Internet security problems that's funded by the U.S. federal government, which has a policy of waiting 45 days before software bugs are disclosed to the public. The researcher and CERT/CC have already waited more than 65 days for Arris to fix the problem, but that hasn't happened yet, which is why the researcher is now making it all public.

Rodrigues believes that if modem software can't be open sourced so everyone could audit the software in their modems, as Vint Cert and others recently suggested, then researchers should at least be allowed to reverse-engineer modem firmware. This way, white hat security experts could find and help fix more security issues in our modems without being potentially liable to lawsuits against them by the modem companies who don't want their vulnerabilities exposed.

3a8082e126