I got hacked

yep answered most of those. except for edit files addon - not installed. and didnt answer sjee as google is your friend (the answer is no log)

Then its just me being unable to find the answers in this discussion.
Would you mind enlighten me how the hacker was able to access your installation (through SMB, without the port 445 mapped?) so that i can happily go on with my life?

1 Like

Site list router vulnerabilities.
https://routersecurity.org/bugs.php

I am thinking router flaw that lets them into network and onto install…OR just user error
anyway, The site above is worth a look.

UPNProxy is a one I been look to share for a few days

David, did you check that your 3218 configurator port is password protected? Try direct access to it from the outside.

Sitting here reading but the one question no one has asked; have you checked your router? Recently there was a new article out regarding a 3 stage hack on multiple routers.

@JasonH
2 posts up I list the vulnerable routers and link to service advisery, etc

EDIT
Actually that was general vulnerability list
Below thread is about what you mention

1 Like

Of course its got a strong password as i already stated. I have not been hacked or compromised.

I had left the guest mode enabled once and I had some kind of exe and some file in each folder , I had to scrap the entire files for fear of stolen data and rebuilt the content , again it gave me room for learning and segregating yaml’s in a better way . These days I keep the samba addon disabled as I only edit once a while and only when at home.

Look at Syncthing instead. :wink:

I’d be very interested in a pen testing tutorial.

I use winscp.

that is very helpfull to.

Hi,
Just checked SHODAN and thre is stil lots of people with their HA not secure.
even with cameras and password for the google accounts …
mqtt also needs to be secured as most are wide open.

They probably don’t all read this forum.

How is MQTT wide open? Are people opening MQTT port on router? It’s only accessible on local network for most people I would have thought?

Yep. They want owntracks etc…

I’ve tried sucessfully with MQTTFX (client ) and see their topics and payloads.
left them a note to protected themselfs on the secrets.yaml

some guy even had the passwords for the cctv cams of his store.
:frowning:

How are you writing to their secrets file?

Are they leaving the damn SMB share open?

… yep … wide open

I’m at a loss for words.