If you have a D-Link router....

Discussion in 'Computers' started by Gromett, Oct 14, 2013.

  1. Gromett

    Gromett Funster

    Joined:
    Feb 27, 2011
    Messages:
    7,905
    Likes Received:
    13,923
    Location:
    UK
    There is a backdoor vulnerability where a password isn't required to access your settings.

    Vulnerable firmware that has been confirmed
    DIR-100, DI-524, DI-524UP, DI-604S, DI-604UP, DI-604+, TM-G5240

    Possibly a bit too technical for most on here but interesting if you want to see how hackers work.

    http://www.devttys0.com/2013/10/reverse-engineering-a-d-link-backdoor/

    Some DIR-615 are also affected, including those distributed by Virgin Mobile....

    If I find a fix or work around for this I will post.
     
    • Like Like x 3
  2. Allanm

    Allanm Funster

    Joined:
    Jun 30, 2013
    Messages:
    3,028
    Likes Received:
    4,099
    Location:
    Cotes d'armor, France
    Luckily I don't have any D Link hardware, but the link in your post doesn't seem to work.
    Allan
     
  3. joner8888

    joner8888 Read Only Funster

    Joined:
    Jan 4, 2012
    Messages:
    2,190
    Likes Received:
    1,971
    Location:
    somerset
    Is this to gain access to the wifi part of the router
     
  4. Gromett

    Gromett Funster

    Joined:
    Feb 27, 2011
    Messages:
    7,905
    Likes Received:
    13,923
    Location:
    UK
    No, this is a backdoor to the entire router.

    From there they can as just one example;

    Change your DNS settings so it points to a compromised DNS server. This could do all sorts such redirect you to fake bank sites. Redirect you to a forward proxy and listen to everything you send/receive.

    The list of possible risks is huge. They basically become a man in the middle of all your communications.
     
  5. joner8888

    joner8888 Read Only Funster

    Joined:
    Jan 4, 2012
    Messages:
    2,190
    Likes Received:
    1,971
    Location:
    somerset
    I don`t use a D link but a T P link router-

    Could they get through by guessing the pre set admin password on line or through some where else :Eek!:
     
  6. Gromett

    Gromett Funster

    Joined:
    Feb 27, 2011
    Messages:
    7,905
    Likes Received:
    13,923
    Location:
    UK
    This only affects D-Link routers. They messed up when programming it is all.

    D-Link have now announced they are working on a fix.

    You can find details here.

    PS: Link has downloads for firmware upgrades.
     
  7. knokinonabit

    knokinonabit Funster

    Joined:
    Dec 28, 2011
    Messages:
    2,482
    Likes Received:
    2,454
    Location:
    Stokesley, North Yorks
    Now I AM worried, 'cos I don't have a clue what you are talking about.

    What is a D-link router ?

    All I know is that mine is a BT router. :helpsos: :help:
     
  8. Gromett

    Gromett Funster

    Joined:
    Feb 27, 2011
    Messages:
    7,905
    Likes Received:
    13,923
    Location:
    UK
  9. pappajohn

    pappajohn Funster Life Member

    Joined:
    Aug 26, 2007
    Messages:
    29,443
    Likes Received:
    16,872
    Location:
    YO11 2BD
    i use a Thompson router as supplied by AOL many years ago.

    when it quit a mate gave me a new one but could not get the original aol supplied password.

    dont know what i did but i can now change all the parameters via the routers 'dashboard' but cant access the ADMIN page.

    all i need is the routers access code on the rear label in this format. o.oo.oo.o.o.
    or something like that.
     
    Last edited: Oct 15, 2013
  10. MikeandCarolyn

    MikeandCarolyn Read Only Funster

    Joined:
    Mar 18, 2008
    Messages:
    2,171
    Likes Received:
    1,463
    Location:
    Worle,North Somerset
    Absolutely fascinating-wish I was about 40 yrs younger and could learn and take part in hacking for fun-not to be malicious,just to be able to do it.
    Respect,yo.
    Mike
     
Loading...

Share This Page