KEEPING THE household OFF THE web WITH AN UNDOCUMENTED BACKDOOR
When [Eloi] was house for Christmas, he dealt with one of the most challenging issues guy has ever faced: his entire family, equipped with smartphones as well as laptops, siphoning all the Web with a 1Mb/s connection. For any type of technically minded person, the repair for this issue is to limit the bandwith for all those Facebook as well as Twitter-heads, while leaving [Eloi]’s battlestation unaffected. [Eloi] had originally set up the Linksys WAG200G router in the household house a few years back however had because forgotten the excessively complex admin password. No worries, then, since obviously the WAG200G is open as broad as a barn door with a totally undocumented backdoor.
Without the password to the admin panel of the router, [Eloi] needed a method in. After pointing nmap at the router, he discovered an undocumented service running on port 32764. Googling this observation resulted in a great deal of speculation, so the only choice was to download the router’s firmware, look for the service, as well as figure out a method in.
[Eloi] ultimately got a shell on the router as well as composed a extremely short Python script to automate the process for all WAG200G routers. as for where this backdoor came from, it appears a SerComm gadget on the router is responsible. This implies a whole lot of routers with this particular SerComm module likewise have this backdoor, as well as we’d presume anything with a service running on port 32764 is suspect.
If you’re searching for a repair for this backdoor, your best option is most likely installing OpenWRT or Tomato. The OpenWAG200 project, an open firmware particularly developed for [Eloi]’s router, still has this vulnerability, though.