A tale of rogue firmware #router #backdoor

Upload: nabin-kc

Post on 03-Aug-2015

TRANSCRIPT

1. A Tale of a Rogue Router Firmware
2. Bijay Limbu Senihang (CEH/CISSP): Co-Founder/Information Security Consultant of Entrust Solutions Nepal; Trainer/Lecturer; Loyal Husband. Nabin KC: Pentester/Security Researcher at Entrust Solutions Nepal; CVE-2014-8496; Loyal Single.
3. Once Upon a Time...
4. In Parallel Universe...
5. Real Attack Scenario
6. Demo: Hacking a PC behind NAT in 4 minutes ..
7. Insecure Scenario
8. The Story of a Discovery...
9. It's All about Super
10. Backdoor Demo (no more admin:admin)
11. This is not the End... More than 10 major vendors used the same firmware (*****)
12. This is not the End... Digicom: DAPR 150RN, DAPR 300RN; Alpha Network: AIP-W525H, AWAP806N; Pro-Link: PRN3001, WNR1008; Planet Networks: WNRT-300G; TrendNet: TEW-638APB, TEW-639GR, TWE-736RE; Realtek: RTL8181, RTL8186, RTL8186P; Bless: Zio-3300N, Zio-4400N, Zio-3200N, Zio-3300N; SmartGate: SG3300N, SG3100N; Blue Link: BL-R30G
13. This is not the End... Case of Copyright Infringement
14. This is not the End... Copyright Infringement (Contd..)
15. This is not the End... Copyright Infringement (Contd..)
16. Are they just Copyright Infringement or really a Rogue?
17. Let's clear the confusion: tried to upload their vendor firmware
18. A Rogue Router Firmware ;-) 200k online devices + (unknown number offline) affected worldwide (approximately)
19. How can it be used? Botnet (used for DDoS attacks, APT attacks); personal proxy network, aka "my personal TOR"; free Wi-Fi map (I am not Mark Zuckerberg but can help to make a free Internet world)
20. Who is Responsible? Vendor; Government; Consumer
21. Your Last Defense!!
22. Your Last Defense!! (Contd..) Firewall aka watch guard
23. Your Last Defense!! (Contd..) Anti-virus aka body guard
24. Your Last Defense!! (Contd..) Anti-virus aka body guard
25. Your Last Defense!! (Contd..) User
26. Moral of the Story
27. Moral of the Story: Know your devices and vendor. Creating a hard time for an attacker is a win-win situation. Use as much defense as you can. The best way to protect a home router is to disable Remote Management if you don't need it. Try open-source firmware if your device supports it (e.g. OpenWrt). P.S. No routers were harmed or used for illegal purposes during our research.
28. Responsible Disclosure: Router vendors have been informed about this issue. Only TrendNet has replied till now.
29. Contact Us: www.ensolnepal.com; Email: [email protected]; @bhutabe, @n_cnew. Find the presentation here: blog.ensolnepal.com