jbobReach Out and Touch Someone Premium Member join:2004-04-26 Little Rock, AR 1 edit |
to antdude
Re: Dangerous remote Linksys 0-day root exploit discovered!Does anyone actually run the Linksys firmware on these routers? I think many here, at least they should, are running a third party firmware. |
|
antdudeMatrix Ant Premium Member join:2001-03-25 US
1 recommendation |
antdude
Premium Member
2013-Jan-22 9:31 am
said by jbob:Does anyone actually run the Linksys firmware on these routers? I think many hear, at least they should, are running a third party firmware. I do. The problem is its complex instructions and easy to brick. I don't want to try it until I have a spare wireless router to use in case something goes wrong. |
|
unknvoipRIP goose Premium Member join:2006-07-25 Rochester, NY
1 recommendation |
to jbob
said by jbob:Does anyone actually run the Linksys firmware on these routers? I think many hear, at least they should, are running a third party firmware. Based on the number of times I see wireless ssid's of LYNKSYS, yes many people are running that firmware. A fair number of them have the default password I am guessing. Most of those people don't read dslreports and don't know anything about 3rd party firmware. |
|
·Metronet
1 recommendation |
to jbob
said by jbob:Does anyone actually run the Linksys firmware on these routers? I think many here, at least they should, are running a third party firmware. Yes - I do - thought about using 3rd party but the Linksys firmware works perfectly fine for me. |
|
Bill_MIBill In Michigan MVM join:2001-01-03 Royal Oak, MI TP-Link Archer C7 Linksys WRT54GS Linksys WRT54G v4
1 edit
1 recommendation |
I'll do some speculation just to see how close I am... Many of you may have noticed when you try to access your own public IP you get the router web page. Still true? My speculation is that this rule is made advantage of. It's not your LAN IP it's a public IP (that happens to be your own) so it'll get by a lot of security fixes against local addressing. Cross-Site Scripting (XSS) had exploits to access local LAN addresses but this Linksys quirk is sort of an invitation. IF that's all it is... securing your password off default would be #1. But everyone here should already know THAT, anyway. |
|
NetFixerFrom My Cold Dead Hands Premium Member join:2004-06-24 The Boro Netgear CM500 Pace 5268AC TRENDnet TEW-829DRU
|
NetFixer
Premium Member
2013-Jan-22 5:58 pm
said by Bill_MI:I'll do some speculation just to see how close I am...
Many of you may have noticed when you try to access your own public IP you get the router web page. Still true? My speculation is that this rule is made advantage of. It's not your LAN IP it's a public IP (that happens to be your own) so it'll get by a lot of security fixes against local addressing. Cross-Site Scripting (XSS) had exploits to access local LAN addresses but this Linksys quirk is sort of an invitation.
IF that's all it is... securing your password off default would be #1. But everyone here should already know THAT, anyway. Of course, if the Linksys router(s) in question have a default backdoor password, that might not help. My Netgear WNR1000v2-VC (running stock Netgear firmware) has such a hidden "root" password, and I take advantage of it when I occasionally need to look at something that the html admin pages don't show me by running a Netgear utility called "TelnetEnable". That utility does exactly what the POC seems to be doing, it opens up a Linux command line interface (with "root" privileges) to the router (and the "admin" password I have setup is irrelevant to this process). |
|
Bill_MIBill In Michigan MVM join:2001-01-03 Royal Oak, MI TP-Link Archer C7 Linksys WRT54GS Linksys WRT54G v4
|
said by NetFixer:Of course, if the Linksys router(s) in question have a default backdoor password, that might not help. Absolutely! I know it's a Linux environment but do I recall logging in can use a (BLANK) or any username? Or do you have to sign in with user "root"? I vaguely recall, like other Linksys routers, they may have hacked in that compatibility. It's just that kind of change that can open a vulnerability if it's done wrong. |
|
1 recommendation |
to antdude
said by antdude:said by jbob:Does anyone actually run the Linksys firmware on these routers? I think many hear, at least they should, are running a third party firmware. I do. The problem is its complex instructions and easy to brick. I don't want to try it until I have a spare wireless router to use in case something goes wrong. What antdude said: » Linksys E1000: Is it bricked?My E1000 is now a paperweight. |
|
|
jbobReach Out and Touch Someone Premium Member join:2004-04-26 Little Rock, AR ·Comcast XFINITY Asus GT-AX6000 Asus RT-AC66U B1
|
jbob
Premium Member
2013-Jan-24 12:10 pm
said by planet:said by antdude:said by jbob:Does anyone actually run the Linksys firmware on these routers? I think many hear, at least they should, are running a third party firmware. I do. The problem is its complex instructions and easy to brick. I don't want to try it until I have a spare wireless router to use in case something goes wrong. What antdude said: » Linksys E1000: Is it bricked?My E1000 is now a paperweight. To be clear my comment about not using the Linksys firmware was for the router in question. The 54GL. I'm not sure what is so hard about flashing the GL series router. It is so user friendly. Flashing this thing couldn't get any easier. Just pick DD-WRT or Tomato and flash away. There are so many more options available via these two third party firmwares that it makes not using them foolish. lol But I also understand if one doesn't really want to. If the stock firmware works what more can you ask for! Oh another exploit! |
|
Bill_MIBill In Michigan MVM join:2001-01-03 Royal Oak, MI TP-Link Archer C7 Linksys WRT54GS Linksys WRT54G v4
|
DefenseCode finally released their findings. It's related to the uPnP abomination (see » Security Flaws in Universal Plug-n-Play: Unplug, Don't Play) but specific to Broadcom devices. » blog.defensecode.com/201 ··· ode.html |
|