
A tale of rough firmware #router #backdoor

2,152 views

Published on

A tale of the rogue firmware that has a backdoor. More than 10 major vendors are affected worldwide. The exact number of devices is unknown, but by our count of online devices there are more than 200k devices online, plus an unknown number of devices from other vendors and offline devices.
The full description paper is available at http://blog.ensolnepal.com. The above research was recently presented at the International Conference on Cyber Security and Cyber Law 2015 (Feb 21), held at Hotel Yak and Yeti, Kathmandu, Nepal, by Nabin KC (@N_Cnew) and Bijay Limbu Senihang (@bhutabe). http://www.ekantipur.com/the-kathmandu-post/2015/02/20/money/global-meet-on-cyber-security-law-starts/273454.html

Published in: Technology

  1. A Tale of a Rogue Router Firmware
  2. </Authors> ➔ Bijay Limbu Senihang (CEH/CISSP) ➔ Co-Founder/Information Security Consultant of Entrust Solutions Nepal ➔ Trainer/Lecturer ➔ Loyal Husband ➔ Nabin KC ➔ Pentester/Security Researcher at Entrust Solutions Nepal ➔ CVE-2014-8496 ➔ Loyal Single
  3. Once Upon a Time...
  4. In Parallel Universe...
  5. Real Attack Scenario
  6. Demo: Hacking a PC behind NAT in 4 minutes...
  7. Insecure Scenario
  8. The Story of a Discovery...
  9. It's All about Super
  10. Backdoor Demo (no more admin:admin)
  11. This is not the End... ● More Than 10 Major Vendors Used the Same Firmware (*****)
  12. This is not the End... ● Digicom: DAPR 150RN, DAPR 300RN ● Alpha Network: AIP-W525H, AWAP806N ● Pro-Link: PRN3001, WNR1008 ● Planet Networks: WNRT-300G ● TrendNet: TEW-638APB, TEW-639GR, TWE-736RE ● Realtek: RTL8181, RTL8186, RTL8186P ● Bless: Zio-3300N, Zio-4400N, Zio-3200N, Zio-3300N ● SmartGate: SG3300N, SG3100N ● Blue Link: BL-R30G
  13. This is not the End... ➢ Case of Copyright Infringement
  14. This is not the End... ➢ Copyright Infringement (Contd..)
  15. This is not the End... ➢ Copyright Infringement (Contd..)
  16. Are they just Copyright Infringement or really a Rogue?
  17. Let's clear the confusion ● Tried to upload their vendor firmware
  18. A Rogue Router Firmware ;-) 200k Online Devices + (Unknown number Offline) Affected Worldwide (approximately)
  19. How can it be used? ● Botnet (used for DDoS attack, APT attack) ● Personal proxy network aka My personal TOR ● Free Wi-Fi Map (I am not Mark Zuckerberg but can help to make a free Internet world)
  20. Who is Responsible? ➔ Vendor ➔ Government ➔ Consumer
  21. Your Last Defense!!
  22. Your Last Defense!! (Contd..) ● Firewall aka watch guard
  23. Your Last Defense!! (Contd..) ● Anti-virus aka body guard
  24. Your Last Defense!! (Contd..) ● Anti-virus aka body guard
  25. Your Last Defense!! (Contd..) ● User
  26. Moral of the Story
  27. Moral of the Story ● Know your Devices and Vendor ● Creating a hard time for an attacker is a win-win situation. Use as much defense as you can. ● The best way to protect a home router is to disable Remote Management if you don't need it. ● Try open source firmware if your device supports it (e.g. OpenWrt). P.S. No routers were harmed or used for illegal purposes during our research
  28. Responsible Disclosure: Router vendors have been informed about this issue. Only TrendNet has replied till now.
  29. Contact Us www.ensolnepal.com Email: info@ensolnepal.com @bhutabe @n_cnew Find presentation here: blog.ensolnepal.com
