Expose the security risks in home routers.

Is Your Home Network Safe?

-July 2010+
  • RSS
  • Subscribe


  • Entries (11)

Posted by Stone Ning Monday, July 26, 2010 2:29:00 AM Categories: Internet Security
Rate this Content 0 Votes

At the end of this month, the annual Black Hat security conference will be held in Las Vegas.

You may feel this event has nothing to do with you, but one of the topics from Craig Heffner will shock you:

How to Hack Millions of Routers

In the briefing, he said:

This talk will demonstrate how many consumer routers can be exploited via DNS rebinding to gain interactive access to the router's internal-facing administrative interface. Unlike other DNS rebinding techniques, this attack does not require prior knowledge of the target router or the router's configuration settings such as make, model, internal IP address, host name, etc, and does not rely on any anti-DNS pinning techniques, thus circumventing existing DNS rebinding protections.

A tool release will accompany the presentation that completely automates the described attack and allows an external attacker to browse the Web-based interface of a victim's router in real time, just as if the attacker were sitting on the victim's LAN. This can be used to exploit vulnerabilities in the router, or to simply log in with the router's default credentials. A live demonstration will show how to pop a remote root shell on Verizon FIOS routers (ActionTec MI424-WR).

Confirmed affected routers include models manufactured by Linksys, Belkin, ActionTec, Thompson, Asus and Dell, as well as those running third-party firmware such as OpenWRT, DD-WRT and PFSense.

Here is the test result of a list of routers:

Vendor Model H/W Version F/W Version Successful
ActionTec MI424-WR Rev. C YES
ActionTec MI424-WR Rev. D YES
ActionTec GT704-WG N/A YES
ActionTec GT701-WG E YES
Asus WL-520gU N/A N/A YES
Belkin F5D7230-4 2000 4.05.03 YES
Belkin F5D7230-4 6000 N/A NO
Belkin F5D7234-4 N/A 5.00.12 NO
Belkin F5D8233-4v3 3000 3.01.10 NO
Belkin F5D6231-4 1 2.00.002 NO
D-Link DI-524 C1 3.23 NO
D-Link DI-624 N/A 2.50DDM NO
D-Link DIR-628 A2 1.22NA NO
D-Link DIR-320 A1 1 NO
D-Link DIR-655 A1 1.30EA NO
Dell TrueMobile 2300 N/A YES
Linksys BEFW11S4 1 1.37.2 YES
Linksys BEFSR41 4.3 2.00.02 YES
Linksys WRT54G3G-ST N/A N/A YES
Linksys WRT54G2 N/A N/A NO
Linksys WRT160N 1.1 1.02.2 YES
Linksys WRT54G 3 3.03.9 YES
Linksys WRT54G 5 1.00.4 NO
Linksys WRT54GL N/A N/A YES
Netgear WGR614 9 N/A NO
Netgear WNR834B 2 2.1.13_2.1.13NA NO
OpenWRT N/A N/A Kamikaze r16206 YES
PFSense N/A N/A 1.2.3-RC3 YES
Thomson ST585 6sl YES

If your home router is not in this list or is temporarily safe, it doesn't mean there is no risk.

The technical details are not the points I want to discuss in this article - which you may also have no interest in at all. As I know, many people treat computers or computer-driven appliances as traditional devices. However, these 'smart' devices never be perfect. Bugs will be found after they were purchased by consumers from market. Unfortunately, most of consumers never maintain their computers or similar devices until problems occur. This is the same as a driver who lacks the sense of road safety. The biggest leak is not in routers or elsewhere, but in people's mind!

So, what are you waiting for? Take actions as soon as possible before troubles come to you!

Site Map | Printable View | © 2009 - 2018 BitWay | HTML 5 | CSS
Share This Using Popular Bookmarking Services