RE: NETGEAR DG834G SPECIAL FEATURES
From: Andre Lorbach (alorbach_at_ro1.adiscon.com)
Date: 08/13/04
- Previous message: Adam Zabrocki: "Advanced usage of system() function."
- Maybe in reply to: thanasonic_at_hack.gr: "NETGEAR DG834G SPECIAL FEATURES"
- Next in thread: thanasonic_at_hack.gr: "Re: NETGEAR DG834G SPECIAL FEATURES"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 13 Aug 2004 12:22:46 +0200 To: <thanasonic@hack.gr>, <bugtraq@securityfocus.com>
> -----Original Message-----
> From: thanasonic@hack.gr [mailto:thanasonic@hack.gr]
>
> By opening http://192.168.0.1/setup.cgi?todo=debug you enable
> the router's debug mode.Then you just telnet at 192.168.0.1
> at port 23 and then you have a root shell.
>
> Also i found that if you just telnet to 192.168.0.1 2602 you
> will get a prompt from the service ZEBRA that is running on
> the router.By giving "zebra" as password *which is the
> default password* you got also a root shell.
Wow! That's exactly the router I have and these exploits work *fear*.
Fortunately, only on the local network, but they work!
With what Firmware version did you test? I still have 1.04 here.
Best regards,
Andre Lorbach
- Previous message: Adam Zabrocki: "Advanced usage of system() function."
- Maybe in reply to: thanasonic_at_hack.gr: "NETGEAR DG834G SPECIAL FEATURES"
- Next in thread: thanasonic_at_hack.gr: "Re: NETGEAR DG834G SPECIAL FEATURES"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
