RE: exploiting printers, home routers & smb routers

From: Nick Iglehart (ncoastpub2at_private)
Date: Thu Aug 22 2002 - 10:50:41 PDT

    The problem with trying to change the firmware from the outside is that the
    routers only allow firmware changes from the internal interface.  Spoofing
    probably won't work since the packet shouldn't get passed any farther.
    
    
    -----Original Message-----
    From: hellNbak [mailto:hellnbakat_private]
    Sent: Thursday, August 22, 2002 9:56 AM
    To: chrisdat_private
    Cc: vuln-devat_private; fxat_private
    Subject: Re: exploiting printers, home routers & smb routers
    
    
    Sure why not.  If you are able to remotely get a firmware on to a Linksys
    box you can have fun.  I seem to remember (does anyone know for sure??)
    that the very first firmware on the Linksys DSL routers had a bit of an
    issue that has been fixed but how many users of these devices actually
    upgrade them?  The target market is the home and small office guys who
    might not know enough to be updating things.
    
    On Thu, 22 Aug 2002 chrisdat_private wrote:
    
    > Date: Thu, 22 Aug 2002 11:09:06 -0400 (EDT)
    > From: chrisdat_private
    > To: vuln-devat_private
    > Cc: fxat_private
    > Subject: exploiting printers, home routers & smb routers
    >
    > I read the black hat presentation on exploiting printers:
    >
    >
    > http://www.blackhat.com/presentations/bh-usa-02/bh-us-02-phenoelit-network.pdf
    >
    > , good stuff & a real eye opener!
    >
    > I started thinking ..., I'm no hardware expert but couldn't this be
    > modified & applied to all the home & small business routers ??? (linksys,
    > smc, d-link, etc ...)
    >
    > As we all know so many of them are:
    >
    > - can be configured through a web interface
    > - their default config is not changed
    > - are accessible through inet (lack of config)
    > - keep their default accounts (lack of config)
    > - new firmware can be uploaded
    >
    > My question, could something similar to exploiting printers be done to
    > routers or would the hardware be totally incompatible ?
    >
    > ch,
    >
    >
    
    --
    -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
    
    "I don't intend to offend, I offend with my intent"
    
    hellNbakat_private
    http://www.nmrc.org/~hellnbak
    
    -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
    