Vulnerability Development mailing list archives

RE: exploiting printers, home routers & smb routers


From: "Nick Iglehart" <ncoastpub2 () clevelandcomputing com>
Date: Thu, 22 Aug 2002 10:50:41 -0700


The problem with trying to change the firmware from the outside is that the
routers only allow firmware changes from the internal interface.  Spoofing
probably won't work since the packet shouldn't get passed any farther.


-----Original Message-----
From: hellNbak [mailto:hellnbak () nmrc org]
Sent: Thursday, August 22, 2002 9:56 AM
To: chrisd () cissmb pointclark net
Cc: vuln-dev () securityfocus com; fx () phenoelit de
Subject: Re: exploiting printers, home routers & smb routers


Sure why not.  If you are able to remotely get a firmware on to a Linksys
box you can have fun.  I seem to remember (does anyone know for sure??)
that the very first firmware on the Linksys DSL routers had a bit of an
issue that has been fixed but how many users of these devices actually
upgrade them?  The target market is the home and small office guys who
might not know enough to be updating things.

On Thu, 22 Aug 2002 chrisd () cissmb pointclark net wrote:

Date: Thu, 22 Aug 2002 11:09:06 -0400 (EDT)
From: chrisd () cissmb pointclark net
To: vuln-dev () securityfocus com
Cc: fx () phenoelit de
Subject: exploiting printers, home routers & smb routers

I read the black hat presentation on exploiting printers:


http://www.blackhat.com/presentations/bh-usa-02/bh-us-02-phenoelit-network.pdf

, good stuff & a real eye opener!

I started thinking ..., I'm no hardware expert but couldn't this be
modified & applied to all the home & small business routers ??? (linksys,
smc, d-link, etc ...)

As we all know so many of them are:

- can be configured through a web interface
- their default config is not changed
- are accessible through inet (lack of config)
- keep their default accounts (lack of config)
- new firmware can be uploaded

My question, could something similar to exploiting printers be done to
routers or would the hardware be totally incompatible ?

ch,



--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

"I don't intend to offend, I offend with my intent"

hellNbak () nmrc org
http://www.nmrc.org/~hellnbak

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

