Sunday, January 7, 2018

Hitron's "Encryption"

If you try to open a backup configuration file from a Hitron modem/router, it won't be readable.

However, it turns out it's just DES with a static key. Either due to incompetence or laziness, the configuration key is not unique and appears to have been reused across all their products for years.

I've posted a simple Python script to automate decrypting and encrypting Hitron configuration files.