The Members Forum

Ever want to hack into millions of routers? Or try to stop
someone from doing so?

Perhaps a discussion at the upcoming Black Hat conference in Las Vegas will help
you in either or both goals. And its title, "How to Hack Millions of
Routers," cuts right to the chase too.

The talk will be given by Craig Heffner, a senior security engineer
for Seismic LLC,
a Maryland-based provider of cybersecurity products to the U.S.
Defense Department and intelligence agencies. In it, Heffner will
apparently reveal how to exploit a vast amount of consumer routers
through DNS rebinding, an existing technique in which attackers turn victims'
browsers into Web proxies that do the attackers' bidding.

DNS rebinding tricks browsers into seeking internal servers on the
victim's network under the direction of the attacker, who can order it
to find and send corporate data to an outside machine while evading
detection by the user and not tampering with DNS servers. Heffner's
talk will describe how this can be used to access the router's
internal-facing administrative interface without requiring prior
knowledge of the target router or its configuration settings; and
circumventing existing DNS rebinding safeguards.

Heffner will even demonstrate a tool that automates the attack and
allows the attacker to browse the interface of the target router in
real-time, enabling vulnerability exploitation or log in through default
credentials.

Cisco Linksys routers are vulnerable to the hack, as are
those under the ActionTec, Asus, Belkin, Dell and Thompson brand names.
ActionTec routers are CPE in Verizon's FiOS service
and Heffner's talk will include a live demo on how to infilitrate a FiOS
router using the rebinding hack.

http://www.mycomputerplayground.com/index.php?option=com_content&view=article&id=736:cisco-linksys-among-qmillionsq-of-hackable-routers-&catid=38:computer-hardware-news-and-happenings&Itemid=76