November 19, 2017
(beginning compilation) x
January 13, 2018 (stopped back to add screenshot) x
Peface: On a fluke, I found the following writ *(credit to the author,
the name of which is contained below **and this IS for educational
At the bottom of this writ is a statement by someone unknown to me. IT
IS EXACTLY WHAT MY VIDEOS SHOW ON YOUTUBE AND THE VIDEOS ARE PROPERLY
DATED WITH MORE TO COME.
YOU HAVE BEEN WARNED (NOW WHAT YOU DO WITH THIS INFORMATION IS BETWEEN
YOU AND YOUR GOD). end of story
Irrefutable Video Evidence is forthcoming. Here's where I was at in
reference to this topic a mere 5 days ago:
Router flaws put AT&T customers at hacking risk
The bugs are easy to exploit, but can be easily mitigated.
By Zack Whittaker for Zero Day | September 4, 2017 -- 13:23 GMT (06:23
PDT) | Topic: Security
(Image: Victor Gevers)
Thousands of routers, many of which belong to AT&T U-verse
customers, can be easily and remotely hacked through several critical
Five flaws were found in common consumer Arris routers used by AT&T
customers and other internet providers around the world. The flaws were
detailed in a blog post by Joseph Hutchins, who described some of the
them as being as a result of "pure carelessness."
The report said Arris NVG589 and NVG599 modems with the latest 9.2.2
firmware are affected, but it's not clear who's responsible for the
Hutchins said that some of the flaws may have been introduced after the
routers were delivered to the internet provider, which often adds
customized code for remote interactions, such as customer support and
"Some of the problems discussed here affect most AT&T U-verse
modems regardless of the OEM, while others seem to be OEM specific,"
said Hutchins. "So it is not easy to tell who is responsible for this
situation. It could be either, or more likely, it could be both."
Among the vulnerabilities are hardcoded credentials, which can allow
"root" remote access to an affected device, giving an attacker full
control over the router. An attacker can connect to an affected router
and log-in with a publicly-disclosed username and password, granting
access to the modem's menu-driven shell. An attacker can view and
change the Wi-Fi router name and password, and alter the network's
setup, such as rerouting internet traffic to a malicious server.
The shell also allows the attacker to control a module that's dedicated
to injecting advertisements into unencrypted web traffic, a common
tactic used by internet providers and other web companies. Hutchins
said that there was "no clear evidence" to suggest the module was
running but noted that it was still vulnerable, allowing an attacker to
inject their own money-making ad campaigns or malware.
Here are 2017's biggest hacks, leaks, and data breaches so far
Here are 2017's biggest hacks, leaks, and data breaches so far
Dozens of data breaches, millions of people affected.
Buggy routers don't always lead to unauthorized network access, but can
instead be hijacked as part of botnet operations, like Mirai, which
when powered up can target and throw websites and services offline.
Rapid7 reported the vulnerability as an 8/10, on the higher end of the
It's not known exactly how many devices are affected, however.
One estimation said as many as 138,000 routers are vulnerable to
attackers, according to a tweet by Victor Gevers, chairman of the GDI
Foundation, a Dutch non-profit organization dedicated to internet
security. The numbers are more nuanced, he explained, and the
vulnerabilities are not limited to the hardcoded credentials flaw.
Another bug affects "every single" Arris-built AT&T U-verse device,
according to Hutchins, putting potentially millions of customers at
An attacker can bypass the firewall on the device by brute-forcing the
half-completed MAC address on the device. Hutchins said that he
believes the bug allows AT&T staff to connect to an AT&T-issued
television digital recorder on the same network, but the implementation
went "terribly wrong."
He said that this "most widespread vulnerability" has the easiest fix.
Hutchins has published several self-mitigation methods on the blog.
Hutchins said it was "hard to believe" that the flaws are not being
A spokesperson for Arris said the company wouldn't comment on specifics
as it was "currently verifying" the report. "We can confirm ARRIS is
conducting a full investigation in parallel and will quickly take any
required actions to protect the subscribers who use our devices," the
AT&T did not respond to a request for comment outside business
hours. (Monday is a US national holiday.) We'll update if that changes.
Alert: AT&T customers with Arris modems at risk of remote hacking,
claim infosec bods
Just the usual procession of firmware vulnerabilities
By Richard Chirgwin 1 Sep 2017 at 02:01
14 Reg comments SHARE
Infosec consulting firm Nomotion has reported vulnerabilities in Arris
broadband modems and which it says are trivial to exploit, and could
affect nearly 140,000 devices.
The report claims the modems carry hard-coded credentials, serious
since a firmware update turned on SSH by default. That would let a
remote attacker access the modem's cshell service and take a leisurely
walk through most of the devices' controls and levers.
“The username for this access is remotessh and the password is
5SaP9I26”, Nomotion states.
The shell's capabilities include “viewing/changing the WiFi
SSID/password, modifying the network setup, re-flashing the firmware
from a file served by any tftp server on the Internet” and there's also
access to a kernel module “whose sole purpose seems to be to inject
advertisements into the user’s unencrypted web traffic.”
That last isn't in use in the modem, Nomotion's Joseph Hutchins writes
but the code is present and vulnerable.
The modems in question are the Arris NVG589 and NVG599, which Nomotion
notes are provided as standard customer premises equipment for AT&T
The bugs could have been added by AT&T, the report says, since
while “examining the firmware, it seems apparent that AT&T
engineers have the authority and ability to add and customize code
running on these devices, which they then provide to the consumer (as
The cshell runs as root, which means any other possible exploit is also
trivial to exploit. For example, he provides a demonstration of a
command injection using its ping functionality.
Other vulnerabilities Hutchins says he's found in the modems include:
Default https server credentials Hutchins isn't sure why there's an
https server running on port 49955, but it's there, and user “tech”
with no password can access it; Command injection the same https server
(named “caserver”) accepts commands to upload a firmware image; rifle
through its internal databases; and send configuration commands with
requests to a set_data command; More information disclosure and
hard-coded credentials a service on port 61001 leaks device information
under the right conditions, including another set of credentials,
“bdctest/bdctest”; and A firewall bypass on port 49152.
Clark County Municipal Court Springfield Ohio Community
Clark County Municipal Court
The true story starts out like this:
1.) In 2012, a storm that
caused the ceiling and roof to fall left me without a home.
2.) The Federal Agency, F.E.M.A., gave me a check to help, but I
was still left with nowhere to go for more than 3 months..
3.) My mother offered to help by signing a one-year lease with
Theresa Crow for a rental located at 1335 North Limestone St. in
Mom's Genuine Lease Page 1
4.) Following my mother's one-year lease, I and the husband of the
Lessor came to an agreement that I would resume the new lease under
new payment arrangements
contrary to Court version of
5.) Due to electrical deficiencies and other problems with the
rental, I gave notice to vacate about a year later.
6.) However, a few months after I vacated a notice came in the mail
that I was being threatened by the Crows for property damage.
I replied that the Crows were fully made aware of each and every
disaster that occurred in their property and that I had videos
showing the true cause of damages.
is one of many
videos that the Judge denied within the Clark County Municipal
Court, but why? Video shows where damages came
from. It was the upstairs tenant's plumbing and later an upstairs
6.) Yet a year after I vacated, the Crows sued my
Mother instead of me!
Suit Claimed my 70+ year old mother
"caused" the damages
at the Crow property.
7.) The Courts denied my two written requests to become a party to
the case, stating they have the wrong person being sued. Both
were submitted and are on Court Record prior to Pre-Trial.
Motion To Intervene
Request Page2 1st Request Page
Motion To Correct The Record
2nd Request Page 1 2nd Request Page 2
2nd Request Page 3
However the Court DID allow a fictitious Lease into the Court
Record submitted by the Crows.
Court's Fraudulent Lease Page1which was submitted to the Court by the
permitted in the Court Record.
8.) Both of my Requests to present evidence and witnesses
were Denied by Judge Thomas Trempe of Clark County Municipal Court,
given were the following reasons:
9. Having been denied twice by the Clark County Municipal Court
prior to Pre-Trial, I appealed to the Appellate Division to request
that the decision to deny my becoming a party to the case be
overturned and allow me to present evidence to show that the
allegations are fraudulent and directed to the wrong
10.) The Second Appellate Court did not bother to intervene
or answer until 5 months A F T E R the lower Court went ahead
with Trial holding my mother un-represented and un-assisted in a
Trial which took place 2 months after Pre-Trial. I
would NOT be allowed to present evidences to a case in which I am
the obvious correct party to.
To find out how a 70+ year old woman was swindled by an unjust
system which appears to be a racket (from my perspective), forcing the
downstairs tenant to pay for the damages caused by the upstairs tenant.
More of this? >Next
Do you have a gripe about something? Consider adding your voice
to the following website.
truth from the rooftops
Springfield Ohio Post Clark County News Underground
Springfield Ohio Links of Community Interest
2803 Troy Road Springfield Ohio 45504 Product of USA
+1 (937) 718-3586