Announcement

Collapse
No announcement yet.

WRT worm now reality

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • #1

    WRT worm now reality

    I spoke about this 2 years ago at con, the possibility of a virus targeting open-source based home routers and the challenges of verifying the authenticity of the running firmware on such things.

    Well, it's actually happened

    http://dronebl.org/blog/8

    This should be fun.
    Never drink anything larger than your head!





    Tags: None
  • #2
    Re: WRT worm now reality

    Originally posted by renderman View Post
    I spoke about this 2 years ago at con, the possibility of a virus targeting open-source based home routers and the challenges of verifying the authenticity of the running firmware on such things.

    Well, it's actually happened

    http://dronebl.org/blog/8

    This should be fun.
    Thanks Renderman. Now I suspect I know what's wrong with our public access here.

    Regards,

    valkyrie
    ________________________________________
    sapere aude

    Comment

    • #3
      Re: WRT worm now reality

      Originally posted by valkyrie View Post
      Thanks Renderman. Now I suspect I know what's wrong with our public access here.

      Regards,

      valkyrie
      ________________________________________
      sapere aude


      Stop using "password" as the admin password!

      Comment

      • #4
        Re: WRT worm now reality

        Originally posted by barry99705 View Post
        Stop using "password" as the admin password!
        *snicker* I fixed that when they let me have access to the router about a month ago. I am not responsible for what happened before that. :-D

        Regards,

        valkyrie
        _____________________________________________
        sapere aude

        Comment

        • #5
          Re: WRT worm now reality

          wow, very interesting, luckily though it only works with remote management enabled. Of course, with the number of unsecured wireless and simple passworded wireless routers in my neighborhood alone this could have a fairly large impact (if those users have actually installed one of the open source router firmware packages).

          I wonder how long until someone cracks the other firmware variants that are coming direct from the manufacturers.
          Network Jesus died for your SYN

          Comment

          • #6
            Re: WRT worm now reality

            Originally posted by bjaming View Post
            wow, very interesting, luckily though it only works with remote management enabled. Of course, with the number of unsecured wireless and simple passworded wireless routers in my neighborhood alone this could have a fairly large impact (if those users have actually installed one of the open source router firmware packages).

            I wonder how long until someone cracks the other firmware variants that are coming direct from the manufacturers.
            RTFA, it works on the default firmwares as well as third party ones like DD-WRT and OpenWRT. All are Linux based, just some minor changes under the hood.

            I actually run into alot of remote managment enabled home routers in business environments, usually IT providers enabling it as a 'service' to remote manage the devices so they don't have to get off their butts and goto the site to admin it.
            Never drink anything larger than your head!





            Comment

            • #7
              Re: WRT worm now reality

              Originally posted by renderman View Post
              RTFA, it works on the default firmwares as well as third party ones like DD-WRT and OpenWRT. All are Linux based, just some minor changes under the hood.

              I actually run into alot of remote managment enabled home routers in business environments, usually IT providers enabling it as a 'service' to remote manage the devices so they don't have to get off their butts and goto the site to admin it.
              apparently I didn't make the connection between mipsel and the default firmware...wow, I really feel sorry for the poor bastards that have exposed their admin interfaces to the net.
              Network Jesus died for your SYN

              Comment

              • #8
                Re: WRT worm now reality

                Originally posted by bjaming View Post
                apparently I didn't make the connection between mipsel and the default firmware...wow, I really feel sorry for the poor bastards that have exposed their admin interfaces to the net.
                Sadly, I used to work for a small time ISP (they basically resold cable service D: but through 900mhz radios (dumb idea, I know)) and I know for a fact they used those low end belkin routers to translate from their external virtual IP on their network to a local IP with Remote Management enabled. I know its going to be a problem for them (they've had so many problems with servers becoming a botnet zombie that they are added to SpamHaus every other week), but I really don't feel like telling them for various reasons. Whats even sadder is that they have the county tax collector on their network D:
                "As Arthur C Clarke puts it, "Any sufficiently advanced technology is indistinguishable from magic". Here is my corollary: "Any sufficiently technical expert is indistinguishable from a witch"."

                Comment

                Previous template Next
                Working...
                X