Hackers Targeting Routers Next?

Filed in archive Security measures on March 8, 2008

There is a great blog post on ZDNet about routers quite possibly being the next target for hackers. A "Router Hacking Challenge" was recently made, with the idea being to share attacks against a variety of routers. Here is an excerpt from the Full Discloser mailing list sharing the findings:

Here is a quick summary, in no particular order, of the types of vulnerabilities we are exhibiting:
authentication bypass

a-to-c attacks

csrf (cross-site request forgeries)

xss (cross-site scripting)

call-jacking - like making your phone dial numbers or even survey room's sound where the phone resides

obfuscation/encryption deficiencies

UPnP, DHCP and mDNS problems - although not officially reported, most devices are affected

SNMP injection attacks due to poor SNMP creds

memory overwrites - well it is possible to overwrite the admin password while being in memory and therefore be able to login as admin

stealing config files

cross-file upload attacks - this is within the group of csrf attacks

remote war-driving - way cool

factory restore attacks

nformation disclosure

The idea of hackers focusing on routers isn't really all that surprising when you realize that most people simply leave theirs unsecured. Here in my neighborhood my wireless card picks up half a dozen networks, and only one is secure-mine. The others are wide open for anyone to jump on and enjoy. Check out this Blackhat presentation for more great info.