Hi all,
So, what else to do in my spare time while mining some BTC? Exploiting security holes in my hardware.
It turns out that every KnC miner can be hacked within 5-10 minutes, making it possible to control the CGMiner remotely.
I've submitted a highly detailed report to KnC, explaining how I did it, and how they can patch it with a new firmware upgrade.
To avoid a huge breach, I will not reveal all details, but I give you a short summary [proof of concept].
1:
Scan the internet, using a special tool, for the default KnC Miner header response
WWW-Authenticate: Digest realm="KnC Miner configuration", nonce="f76e06a34c00b5fec1da6749d4ed0bfc", qop="auth"
EVERY miner uses this header, so in 10 seconds, I found about 1180 responses vulnerable to my attack.
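The fingerprinting step the post describes, written out as an added example (this is not the poster's tool or KnC's code): it parses an HTTP response, pulls the Digest challenge parameters out of the WWW-Authenticate header, and flags the response when the realm is the one quoted above. The sample responses are constructed, not captured from real devices; the probe() helper is an assumption about how an operator would check a miner they own, and only assumes the device answers an unauthenticated GET / with a 401 carrying that header.

```python
"""Fingerprint KnC miner web interfaces from their HTTP Digest challenge.

Added example, not part of the original post. It assumes only that the
miner's web UI answers an unauthenticated GET / with a 401 and the
WWW-Authenticate header quoted in the post.
"""
import http.client
import re

KNC_REALM = "KnC Miner configuration"

# Matches key="quoted value" or key=token inside a Digest challenge.
_PARAM_RE = re.compile(r'(\w+)=(?:"([^"]*)"|([^\s,]+))')


def parse_digest_challenge(header_value):
    """Parse 'Digest realm="...", nonce="...", qop="auth"' into a dict.

    Returns None when the header is not a Digest challenge.
    """
    scheme, _, params = header_value.strip().partition(" ")
    if scheme.lower() != "digest":
        return None
    return {key: (quoted or token) for key, quoted, token in _PARAM_RE.findall(params)}


def parse_http_response(raw):
    """Split a raw HTTP response (bytes) into (status_code, headers dict).

    Header names are lower-cased; a repeated header keeps its last value.
    """
    head = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    lines = head.split("\r\n")
    status = int(lines[0].split(" ", 2)[1])
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return status, headers


def is_knc_miner(raw):
    """True when the raw response is the default KnC miner Digest challenge."""
    status, headers = parse_http_response(raw)
    if status != 401 or "www-authenticate" not in headers:
        return False
    challenge = parse_digest_challenge(headers["www-authenticate"])
    return bool(challenge) and challenge.get("realm") == KNC_REALM


def probe(host, port=80, timeout=3.0):
    """Fetch / from a host you own; report whether it fingerprints as a KnC miner.

    Returns (is_knc, challenge_dict_or_None). Network errors return (False, None).
    """
    try:
        conn = http.client.HTTPConnection(host, port, timeout=timeout)
        conn.request("GET", "/")
        resp = conn.getresponse()
        header = resp.getheader("WWW-Authenticate")
        conn.close()
    except (OSError, http.client.HTTPException):
        return False, None
    if resp.status != 401 or header is None:
        return False, None
    challenge = parse_digest_challenge(header)
    return (bool(challenge) and challenge.get("realm") == KNC_REALM), challenge


# Constructed sample responses for offline use (not captured from real devices).
SAMPLE_KNC = (
    b"HTTP/1.1 401 Unauthorized\r\n"
    b'WWW-Authenticate: Digest realm="KnC Miner configuration", '
    b'nonce="f76e06a34c00b5fec1da6749d4ed0bfc", qop="auth"\r\n'
    b"Content-Length: 0\r\n\r\n"
)
SAMPLE_OTHER = (
    b"HTTP/1.1 401 Unauthorized\r\n"
    b'WWW-Authenticate: Basic realm="router"\r\n\r\n'
)

if __name__ == "__main__":
    print("KnC sample:", is_knc_miner(SAMPLE_KNC))      # True
    print("other sample:", is_knc_miner(SAMPLE_OTHER))  # False
```

The realm is the stable part of the fingerprint; the nonce shown in the post is per-challenge and is parsed out but not compared, so a scanner keyed on the whole header string would miss devices. Run probe() only against miners you are responsible for.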
) to list status of all miners, restart them or power cycle them. Protect that page with user login and https.
Port forward your Internet connections to that page.