23 September 2016

Byepass login security and total scan on Swedish State Railways SJ WiFi

On 2016-09-22 I was travelling with a fast train X2000 belonging Swedish State Railways SJ from Linköping to Stockholm.
What I discovered... no need to authenticate or login for accessing the SJ WiFi network used by most passengers.
I atach a screendump.

All devices belonging to travellers: laptops, tablets, smartphones, became totally accessible.
No services or ports were blocked.
SSH, RDP, Telnet, Samba Shares, SMB, all were open and I could do anything on any remote device.
Over 50 devices were vulnerable.

I informed the responsible at SJ for my discovery.
No technical details will be disclosed for obvious security reasons.