[Owasp-Recife] backdoor found in Linksys router

Caio Dias caio.dias at owasp.org
Thu Jan 2 00:21:34 UTC 2014


Palavras de *elvanderb:*

Some random code/data about the backdoor I found in my Linksys WAG200G
(TCP/32764).


The backdoor may be present in other hardware, I'll update this readme
accordingly :)

Backdoor confirmed in:
- Linksys WAG200G
- Netgear DM111Pv2 (https://twitter.com/eguaj/status/418143024019816448)
- Linksys WAG320N
(http://zaufanatrzeciastrona.pl/post/smieszna-tylna-furtka-w-ruterach-linksysa-i-prawdopodobnie-netgeara/)

Backdoor may be present in :
- NetGear DG934 [probability: 99.99%]
(http://codeinsecurity.wordpress.com/category/reverse-engineering/)
- Netgear DG834 (http://www.netgear-forum.com/forum/index.php?showtopic=6192)
- Netgear WPNT834 (http://forum1.netgear.com/showthread.php?p=270354)
- Netgear DG834G
(http://superuser.com/questions/166627/netgear-router-listening-on-port-32764)
- Netgear WG602, WGR614, DGN2000
(http://zaufanatrzeciastrona.pl/post/smieszna-tylna-furtka-w-ruterach-linksysa-i-prawdopodobnie-netgeara/)
- Linksys WAG120N, WAG160N, WRVS4400N
(http://zaufanatrzeciastrona.pl/post/smieszna-tylna-furtka-w-ruterach-linksysa-i-prawdopodobnie-netgeara/)



Vejam os arquivos em https://github.com/elvanderb/TCP-32764


-- 
Caio Dias
https://about.me/caiodias
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-recife/attachments/20140101/c4d5cdbd/attachment.html>


More information about the Owasp-recife mailing list