North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

The Router Hacking Challenge is Over! (fwd)

  • From: Gadi Evron
  • Date: Sat Mar 01 23:49:15 2008

For those interested.

---------- Forwarded message ---------- Date: Sat, 1 Mar 2008 22:08:29 +0000 From: Petko D. Petkov <[email protected]> To: [email protected], [email protected] Subject: The Router Hacking Challenge is Over!

The Router Hacking Challenge is Over! We've got some very interesting
results which prove that routers', and in general embedded devices',
security is poor. There is definitely more room for further
development and we urge security researchers and hobbyists to keep the
challenge alive with new submissions. I hope that the challenge was as
educational and entertaining as practical and useful to all of us.

Here is a quick summary, in no particular order, of the types of
vulnerabilities we are exhibiting:

* authentication bypass
* a-to-c attacks
* csrf (cross-site request forgeries)
* xss (cross-site scripting)
* call-jacking - like making your phone dial numbers or even survey
room's sound where the phone resides
* obfuscation/encryption deficiencies
* UPnP, DHCP and mDNS problems - although not officially reported,
most devices are affected
* SNMP injection attacks due to poor SNMP creds.
* memory overwrites - well it is possible to overwrite the admin
password while being in memory and therefore be able to login as admin
* stealing config files
* cross-file upload attacks - this is within the group of csrf attacks
* remote war-driving - way cool
* factory restore attacks
* information disclosure
* etc, etc, etc

Please check the project page for more information and be sure that we
will continue posting interesting info on that subject in the future.
Also, if you have some findings on your own, pls let us know as we are
very interested to learn about.