Still have “admin:12345” login/password pair on your DSL router?

Someone wanted administration of routers to be easy. And then someone found a way to exploit it.

This is repost from old times when I worked at local ISP.

To get working PPPoE connection in Debian you need to install pppoe and pppoeconf packages.

$ sudo aptitude install pppoe pppoeconf

In file /etc/ppp/chap-secrets add string like this:

"login" * "password" *

File /etc/ppp/peers/dsl-provider must contain these commands:

user login_from_chap_secrets
pty "/usr/sbin/pppoe -I eth0 -T 80 -m 1452"
noipdefault
defaultroute
hide-password
lcp-echo-interval 20
lcp-echo-failure 3
connect /bin/true
noauth
persist
mtu 1500
noaccomp
default-asyncmap

File /etc/network/interfaces must contain PPP interface definition:

auto ppp0
iface ppp0 inet ppp
        provider dsl-provider

As result PPPoE connection will be established at boot through xDSL bridge connected to network interface eth0.