Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


The Hack Your Home Router Challenge

Hacker hosts hunt for home router bugs

3:00 PM -- In the wake of two fairly bad stories about cross-site request forgeries (CSRF), there’s a new challenge on the wind: Hack your home router! The catalysts for this challenge were some recent real-world CSRF-based attacks -- a user's domain being compromised due to a hole in Gmail, and Mexican banking customers' credentials getting stolen after their routers were compromised.

Ronald van den Heetkamp (a hacker based out of the Netherlands) has recently published a new router security challenge on the sla.ckers.org Web board. He’s looking for the nastiest bugs in home DSL routers and cable modems, which are in most every household with broadband access. The challenge has also spilled onto other sites as well, where people have already begun to post serious issues in common routers like Linksys WRT300N, and Belkin F5D7230-4.

And the challenge has only been running for three days.

One issue in the Linksys router, for instance, could allow an attacker to completely compromise the device and change its settings to the attacker’s DNS server, or add machines into the demilitarized zone (DMZ) -- even without knowing the targeted router's password. This is a similar flaw to the one found in the routers used in the Mexican bank pharming attack. (For the uninitiated, pharming is similar to phishing, except that it often requires actual desktop or DNS-based compromises to send people to the wrong site). Both of these types of attacks are initiated via CSRF, and all it would take was for the victim to visit a Website that was under the attacker’s control, or sites that allow HTML-based, user-submitted content (think social networking sites).

Why are these home routers so flawed? The people developing the hardware often don't have experience in building secure Web applications, and almost all modern routers have a Web-based administration console, which provides ease of use for the home user. Unfortunately, that combination of factors makes these devices especially easy to exploit.

Meanwhile, the home router hacking contest lasts until February 29. If you use have broadband Internet access, expect to see some upgrades in your router firmware next month.

– RSnake is a red-blooded lumberjack whose rants can also be found at Ha.ckers and F*the.net. Special to Dark Reading

  • Google (Nasdaq: GOOG)

    Comment  | 
    Print  | 
    More Insights
  • Comments
    Newest First  |  Oldest First  |  Threaded View
    Inside the Ransomware Campaigns Targeting Exchange Servers
    Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
    Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
    Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
    Register for Dark Reading Newsletters
    White Papers
    Current Issue
    2021 Top Enterprise IT Trends
    We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
    Flash Poll
    How Enterprises are Developing Secure Applications
    How Enterprises are Developing Secure Applications
    Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
    Twitter Feed
    Dark Reading - Bug Report
    Bug Report
    Enterprise Vulnerabilities
    From DHS/US-CERT's National Vulnerability Database
    PUBLISHED: 2021-04-11
    In the standard library in Rust before 1.2.0, BinaryHeap is not panic-safe. The binary heap is left in an inconsistent state when the comparison of generic elements inside sift_up or sift_down_range panics. This bug leads to a drop of zeroed memory as an arbitrary type, which can result in a memory ...
    PUBLISHED: 2021-04-11
    In the standard library in Rust before 1.49.0, String::retain() function has a panic safety problem. It allows creation of a non-UTF-8 Rust string when the provided closure panics. This bug could result in a memory safety violation when other string APIs assume that UTF-8 encoding is used on the sam...
    PUBLISHED: 2021-04-11
    In the standard library in Rust before 1.49.0, VecDeque::make_contiguous has a bug that pops the same element more than once under certain condition. This bug could result in a use-after-free or double free.
    PUBLISHED: 2021-04-11
    In the standard library in Rust before 1.50.0, read_to_end() does not validate the return value from Read in an unsafe context. This bug could lead to a buffer overflow.
    PUBLISHED: 2021-04-11
    In the standard library in Rust before 1.52.0, the Zip implementation has a panic safety issue. It calls __iterator_get_unchecked() more than once for the same index when the underlying iterator panics (in certain conditions). This bug could lead to a memory safety violation due to an unmet safety r...