What do you say about the python script TM?
I am hoping you have now found the vulnerability, which looks like it is extremely easy to hack any of your NAS devices.
So stop saying that it is our password and start accepting that it is your TOS that has a big hole in it.
Urgent Notification about TNAS being Attacked by Ransomware
- NavinKanus
- Posts: 1
- Joined: 13 Jan 2022, 11:02
- REBELinBLUE
- Posts: 30
- Joined: 05 Dec 2021, 06:37
Re: Urgent Notification about TNAS being Attacked by Ransomware
The TOS PHP scripts are encoded with something like Zend Guard, so we can't see what they do wrong :(
- REBELinBLUE
- Posts: 30
- Joined: 05 Dec 2021, 06:37
Re: Urgent Notification about TNAS being Attacked by Ransomware
https://thatsn0tmy.site/posts/2021/12/h ... mmon-rces/ found this write up, this is just terrible
- Charlie_Croker
- Posts: 105
- Joined: 07 Oct 2020, 19:05
Re: Urgent Notification about TNAS being Attacked by Ransomware
REBELinBLUE wrote:
> https://thatsn0tmy.site/posts/2021/12/h ... mmon-rces/ found this write
> up, this is just terrible
Bloody hell, that's bad news. I note that it's dated December 2021, so it looks like it's being exploited. TM, this needs to be fixed ASAP or reinstalling the NAS will just lead to a further issue with people's data.
@TMRoy, we need to know what TM's plans are?
- NavinKanus
- Posts: 1
- Joined: 13 Jan 2022, 11:02
Re: Urgent Notification about TNAS being Attacked by Ransomware
Wow, that was not hard. The write up clearly explains the whole exploit.
Hoping TM now knows what went wrong.
FIX IT TM, right now !
- REBELinBLUE
- Posts: 30
- Joined: 05 Dec 2021, 06:37
Re: Urgent Notification about TNAS being Attacked by Ransomware
As a PHP Engineering Team Lead, there are quite a few things in this code which would be a no-no!
function __construct()
{
global $in, $config, $db, $L;
...
globals are always a sign of bad design... That would automatically disqualify any candidate 😂
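To illustrate the design point above, here is the same constructor rewritten with its collaborators passed in explicitly. This is an added example, not TOS code: the Request, Config, Database and Translator classes are hypothetical stand-ins for the $in, $config, $db and $L globals.

```php
<?php
// Added illustration (not TOS code): the constructor quoted above, with its
// dependencies named in the signature instead of pulled in via `global`.
declare(strict_types=1);

// Hypothetical request wrapper standing in for the global $in.
final class Request
{
    public function __construct(private readonly array $params) {}

    // Callers state what they expect; nothing reaches the class implicitly.
    public function string(string $key, string $default = ''): string
    {
        $v = $this->params[$key] ?? $default;
        return is_string($v) ? $v : $default;
    }
}

// Hypothetical stand-ins for $config, $db and $L.
final class Config { public function __construct(public readonly array $values) {} }
interface Database { public function query(string $sql, array $bind): array; }
final class Translator { public function t(string $key): string { return $key; } }

final class ItemController
{
    // Every collaborator is visible here, so a reviewer can see exactly what
    // the class reads and a unit test can substitute fakes for each one.
    public function __construct(
        private readonly Request $in,
        private readonly Config $config,
        private readonly Database $db,
        private readonly Translator $L,
    ) {}

    public function show(): array
    {
        $name = $this->in->string('name');
        // Request-derived values only ever travel as bound parameters.
        return $this->db->query('SELECT * FROM items WHERE name = ?', [$name]);
    }
}

// One composition point wires the objects together; no class touches globals.
$controller = new ItemController(
    new Request($_GET),
    new Config(['lang' => 'en']),
    new class implements Database { public function query(string $sql, array $bind): array { return []; } },
    new Translator(),
);
```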
- Charlie_Croker
- Posts: 105
- Joined: 07 Oct 2020, 19:05
Re: Urgent Notification about TNAS being Attacked by Ransomware
I have now pulled the plug on my TM; no way can this kind of S@£$ security be in any way excused. This is sloppy and shows no sign of any security audits, no sign of penetration testing or quality control. I know TM is at the budget end of the NAS market, but this is not acceptable: you are storing people's data (and in many cases their irreplaceable data). I was prepared to give TM the benefit of the doubt, but not for this.
Still I suppose we can now expect lots of pictures of Pugs! :(
- NavinKanus
- Posts: 1
- Joined: 13 Jan 2022, 11:02
Re: Urgent Notification about TNAS being Attacked by Ransomware
I don't think TM is going to respond now. The evidence is out. They made a huge mistake with their quality control, especially in the security part of the product.
Open Source development is always going to be a problem unless the developers have strong knowledge of security.
- REBELinBLUE
- Posts: 30
- Joined: 05 Dec 2021, 06:37
Re: Urgent Notification about TNAS being Attacked by Ransomware
NavinKanus wrote:
> Open Source development is always going to be a problem unless the
> developers have strong knowledge of security.
The thing is, TOS isn't open source; arguably, if it were, this would have been found sooner and by someone who wasn't looking to exploit it (not saying the person who posted that blog is responsible for exploiting it, but they certainly make it sound like that was their intention, and it doesn't sound like they reported it to TerraMaster before disclosing it publicly).
One of the first things I did when I got mine and noticed it was running PHP was pretty much the same as this guy, except when I found out the PHP files were encoded I gave up, as I wasn't interested enough to try and reverse engineer them; I'm sure there are many people who are the same; so instead it was left to someone more determined to find actual exploits, either for bad purposes or to make a name for themselves, rather than just the people who use the software and are interested in the workings of it.
Re: Urgent Notification about TNAS being Attacked by Ransomware
Already passed this info to the tech team, I believe that they will have a patch soon for such an issue.
To contact our team, please send email to following addresses, remember to replace (at) with @:
Support team: support(at)terra-master.com (for technical support only)
Service team: service(at)terra-master.com (for purchasing, return, replacement, RMA service)