Monday, April 21, 2014

Your router may have a "secret" back door in it.

This stuff just keeps getting better and better.

"Eloi Vanderbeken from Synacktiv has identified an intentional backdoor in a module by Sercomm used by major router manufacturers (Cisco, Linksys, Netgear, etc.). The backdoor was ostensibly fixed — by obfuscating it and making it harder to access. The original report (PDF). And yeah, there is an exploit available ..."

What the hell does all that mean? It means that all the routers listed here are sitting with a gaping security hole in them. A hole that's there by design, apparently. Because instead of fixing the hole, they just kind of papered over it a bit. Kicked some sand on it to hide it, you might say. But its still there, waiting for just the right packet to come along and let somebody completely p0n3 your router. Yeah, that one you rent from the phone company, that little box that plugs into the wall.

What can happen? From the link,

Once the backdoor is switched back on, it listens for TCP/IP traffic just as the original firmware did, giving “root shell” access—allowing anyone to send commands to the router, including getting a “dump” of its entire configuration. It also allows a remote user to access features of the hardware—such as blinking the router’s lights.

They get to pretty much completely do whatever they want to your network, from add wi-fi users to lock you out of your own network.

Can you fix it? Yes. Get a PROPER router, one that isn't a piece of cable company shit. If you want to be really sure... forget it. If the manufacturers are putting back doors in the firmware, we're f-ed. You'd have to make your own from scratch.

The Phantom

3 comments:

WiFi Lunchbox Guy said...

Speaking of back doors, something happened to the USS Donald Cook; the Russians are claiming p0wnage.

The Phantom said...

I read that link. I think I need a whole box of salt for that one.

Because the Russians are going to reveal a major capability just to show off, right?

WiFi Lunchbox Guy said...

It's unlikely, but in-field p0wnage of US military assets is old news.

Sooner or later someone really is going to use an AI hacker to go after capital ships, if for no other reason than it's cheap.