

CylonRed
Premium,MVM
join:2000-07-06
Bloom County

1 recommendation

reply to jbob

Re: Dangerous remote Linksys 0-day root exploit discovered!

said by jbob:

Does anyone actually run the Linksys firmware on these routers? I think many here, at least they should, are running a third party firmware.

Yes - I do - thought about using 3rd party but the Linksys firmware works perfectly fine for me.
--
Brian

"It drops into your stomach like a Abrams's tank.... driven by Rosanne Barr..." A. Bourdain


Bill_MI
Bill In Michigan
Premium,MVM
join:2001-01-03
Royal Oak, MI
kudos:2
Reviews:
·WOW Internet and..

1 edit

1 recommendation

I'll do some speculation just to see how close I am...

Many of you may have noticed when you try to access your own public IP you get the router web page. Still true? My speculation is that this rule is taken advantage of. It's not your LAN IP, it's a public IP (that happens to be your own), so it'll get by a lot of security fixes against local addressing. Cross-Site Scripting (XSS) had exploits to access local LAN addresses but this Linksys quirk is sort of an invitation.

IF that's all it is... securing your password off default would be #1. But everyone here should already know THAT, anyway.



NetFixer
Freedom is NOT Free
Premium
join:2004-06-24
The Boro
Reviews:
·Cingular Wireless
·Comcast Business..
·Vonage

said by Bill_MI:

I'll do some speculation just to see how close I am...

Many of you may have noticed when you try to access your own public IP you get the router web page. Still true? My speculation is that this rule is taken advantage of. It's not your LAN IP, it's a public IP (that happens to be your own), so it'll get by a lot of security fixes against local addressing. Cross-Site Scripting (XSS) had exploits to access local LAN addresses but this Linksys quirk is sort of an invitation.

IF that's all it is... securing your password off default would be #1. But everyone here should already know THAT, anyway.

Of course, if the Linksys router(s) in question have a default backdoor password, that might not help. My Netgear WNR1000v2-VC (running stock Netgear firmware) has such a hidden "root" password, and I take advantage of it when I occasionally need to look at something that the HTML admin pages don't show me by running a Netgear utility called "TelnetEnable". That utility does exactly what the POC seems to be doing: it opens up a Linux command line interface (with "root" privileges) to the router (and the "admin" password I have set up is irrelevant to this process).
--
A well-regulated militia, being necessary to the security of a free State, the right of the people to keep and bear arms shall not be infringed.

When governments fear people, there is liberty. When the people fear the government, there is tyranny.


Bill_MI
Bill In Michigan
Premium,MVM
join:2001-01-03
Royal Oak, MI
kudos:2
Reviews:
·WOW Internet and..

said by NetFixer:

Of course, if the Linksys router(s) in question have a default backdoor password, that might not help.

Absolutely!

I know it's a Linux environment but do I recall logging in can use a (BLANK) or any username? Or do you have to sign in with user "root"? I vaguely recall, like other Linksys routers, they may have hacked in that compatibility. It's just that kind of change that can open a vulnerability if it's done wrong.