The Router Hacking Challenge is Over! (fwd)
For those interested. ---------- Forwarded message ---------- Date: Sat, 1 Mar 2008 22:08:29 +0000 From: Petko D. Petkov <pdp.gnucitizen@googlemail.com> To: full-disclosure@lists.grok.org.uk, bugtraq@securityfocus.com Subject: The Router Hacking Challenge is Over! http://www.gnucitizen.org/projects/router-hacking-challenge/ The Router Hacking Challenge is Over! We've got some very interesting results which prove that routers', and in general embedded devices', security is poor. There is definitely more room for further development and we urge security researchers and hobbyists to keep the challenge alive with new submissions. I hope that the challenge was as educational and entertaining as practical and useful to all of us. Here is a quick summary, in no particular order, of the types of vulnerabilities we are exhibiting: * authentication bypass * a-to-c attacks * csrf (cross-site request forgeries) * xss (cross-site scripting) * call-jacking - like making your phone dial numbers or even survey room's sound where the phone resides * obfuscation/encryption deficiencies * UPnP, DHCP and mDNS problems - although not officially reported, most devices are affected * SNMP injection attacks due to poor SNMP creds. * memory overwrites - well it is possible to overwrite the admin password while being in memory and therefore be able to login as admin * stealing config files * cross-file upload attacks - this is within the group of csrf attacks * remote war-driving - way cool * factory restore attacks * information disclosure * etc, etc, etc Please check the project page for more information and be sure that we will continue posting interesting info on that subject in the future. Also, if you have some findings on your own, pls let us know as we are very interested to learn about. pdp -- http://www.gnucitizen.org http://www.gnucitizen.com http://www.hakiri.org GNUCITIZEN
participants (1)
-
Gadi Evron