A Common Netgear Wireless Router. Model DG834G.

A Common Netgear Wireless Router. Model DG834G.

A number of Linksys and Netgear DSL modems have been found to be exploitable via a simple hole in the components’ firmware.

How Was This Discovered?

Eloi Vanderbeken recently took up the task of reverse engineering his Linksys WAG200G wireless DSL gateway’s firmware.  At first he did it just for kicks, but during the process he found out even brand name tech components are just as vulnerable to hackers as off-brand products.  Vanderbeken found out during his self-imposed hack-a-thon that his WAG200G DSL gateway was accessible to hackers via an undocumented port.

After Vanderbeken toyed around with the Linksys firmware, he was able to come up with a simple interface that allowed him to send various commands to the gateway without administration authentication.  At first, Vanderbeken found that he couldn’t do much with the interface besides resetting the gateway to its factory settings.  However, as he delved deeper into it, he found that he could inject some home-brewed command lines into the interface.  These simple code injections allowed him to gain control of certain administrative properties using a wireless connection, and to reset the gateway’s web password.

How To Check if Your Are Affected

People interested in the hack and are tech savvy enough can check out Vanderbeken’s published work on Github.  Would-be hackers can do a few things with the script.  Firstly, Vanderbeken only hacked his router because he wanted access to his router’s web console without having to input the admin password—which he forgot.  So if you are the proud owner of these selective devices, you can be assured that they’re hack-able to both you and others with malicious intents.  Chances are most people will rather reset their gateways the easy way by pressing the little red reset button on the back of their device using a pen tip.  People looking for an adventure into the world of coding, however, might actually test out the scripts to see if their highly secured network is bulletproof or not.

Eloi Vanderbeken's bruteforce code to test the vulerability.

Eloi Vanderbeken’s bruteforce code to test the vulerability.

Another thing to note is that the backdoor vulnerability in these LinkSys and Netgear components are only assessable locally.  Meaning, a hacker would have to be in range of your Wi-Fi network for them to compromise your network and personal data.

What Should I Do If I Am Affected?

Quite frankly speaking, unless your neighbor or a passerby knows exactly the type of router you’re currently using, they won’t bother to attempt to hack your network.  The easiest solution, if you happen to own one of these vulnerable devices, is to name your wireless network something other than the router’s brand and model.

Often times, the routers come shipped with preconfigured settings which use the brand or model as the default wireless network name.  If that is the case, simply log into your router, and change the network’s name.  Next, you may also want to upgrade the product’s firmware, but keep in mind that different manufacturers have different firmware upgrade requirements.  Check your product manuals or website before attempting to upgrade firmware, because one wrong move can render your router unusable.

If you need further help, contact your office IT support.

Read More


 


A recent article in the German computer security magazine c’t has exposed infections on wireless routers running a custom router software called DD-WRT. What does this mean for your office network? If your office wireless router is running DD-WRT and has not been updated since 2009 your entire office network and everyone who connects to your wifi can be at risk of having their private data stolen. Lets look deeper into the problem:

wifi_infected

What are the risks?

If your router is infected, every person who connects to your wifi can have their usernames, passwords, bank login information, credit card information, or any information they type in and send over the internet stolen. The virus writers then receive this information and either use it to steal corporate data, commit credit card fraud, or sell the information on the black market.

What is DD-WRT?

Most wireless router manufacturers lock away features of your router and sell them at a lower price point. They then take the same hardware and repackage it at a higher price, only unlocking those features. DD-WRT is a custom open source software that runs on your office wireless routers in place of the limited software that came with your router. It then unlocks all of the features and options that were originally unavailable to you, unleashing the true potential of your wireless router.

How do I know if I have DD-WRT?

DD-WRT can be shipped with the wireless router, or it can be installed manually. The quickest way to check if you have DD-WRT installed on your office wireless devices is to ask your office IT person. If they aren’t easily accessible, you can attempt to check yourself using the following steps on a Windows XP/Vista/7 and above computer:

1. Run IP Config and get your Default Gateway.

windows_xp_run_cmd

On Windows XP/Vista, click on Start then Run and type “cmd” without the quotes and press Enter.

Windows_7_start_menu

On Windows 7, go to Start and type in “cmd” without the quotes into the Search Programs and Files box and press enter.

Follow these steps to open “cmd” on a Window 8 computer.

2. In the cmd window, type “ipconfig” without the quotes and press enter.

ipconfig

You should see something similar to the above screen. Make note of the Default Gateway value.

3. Check for DD-WRT and the version it is running.

Checking_dd-wrt

Open your favorite web browser, and enter only the Default Gateway numbers into the address bar and press enter.

If you see the above screen load, you have a wireless router with DD-WRT installed. Now check the date DD-WRT at the top right corner. If it is dated 2009 or earlier, you are vulnerable.

If you are still not sure, contact your office IT person to confirm.

What do I do if my wifi is vulnerable?

Since DD-WRT is supported by a volunteer community, testing can be limited, allowing bugs to pass to the public. Unfortunately since this virus is so new, there is no guaranteed way to check if a router is infected with this virus. The best course of action is to update the DD-WRT software on the router, or to use a router that does not have DD-WRT.

Read More