fbpx
The Stack Archive

Dell laptops can disclose themselves to websites via JavaScript

Wed 25 Nov 2015

Laptop manufacturer Dell is having a bad week in terms of PR. In the wake of the discovery that Dell laptops contain a self-signed root certificate which makes them vulnerable to a man-in-the-middle (MiTM) attack in much the same manner as the Lenovo Superfish fiasco earlier this year, a security researcher has discovered that the company’s computers will disclose a great deal of information about themselves to any website that knows how to ask for the information.

The information on offer constitutes a ‘hardware ID’, including the status of the warranty and the specifications of the machine, amongst other details. It can be coaxed out of a Dell laptop running Dell Foundation Services by the following call in JavaScript, which is received on TCP port 7779 by a webserver which Dell Foundation services starts on the machine expressly to receive support requests:

http://localhost:7779/Dell%20Foundation%20Services/eDell/IeDellCapabilitiesApi/REST/ServiceTag

The machine characteristics are revealed by access to its 7-character service tag, intended for Dell’s own diagnostic technicians.

Security researcher ‘Slipstream’ has created a dedicated website where Dell users can watch their machines confessing to the page in real time (whilst taking in some absolutely terrible background music). Dell users are reported to have successfully revealed the information in question to the site.

This vulnerability is unrelated to this week’s controversy about the eDellRoot self-signed certificate which the company has been installing on its machines, once again with the intention of streamlining support-related matters, but nonetheless an attack vector for MiTM attacks.

In practice the JavaScript service tag exploit would be harder to capitalise on than the rogue certificate, since it passes on less information than is made vulnerable by a dedicated MiTM attack, but it certainly could be used in targeted social engineering attacks, or even arguably as a parameter in web advertising decisions for any Dell user that broadcasts themselves in this manner.

Tags:

Dell news security
Send us a correction about this article Send us a news tip