New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

OpenWAG200 #49

Closed
DuaneBarry opened this Issue Jan 4, 2014 · 5 comments

Comments

Projects
None yet
4 participants
@DuaneBarry
Contributor

DuaneBarry commented Jan 4, 2014

Vulnerable even with this installed http://sourceforge.net/projects/openwag200/files/OpenWAG200/1.4/
-download configuration with cleartext http admin password
-in shell with command "reboot" the router obeys
-work on WAN (Internet)

@elvanderb

This comment has been minimized.

Show comment
Hide comment
@elvanderb

elvanderb Jan 4, 2014

Owner

Interesting, thank you :)
I added it to the list, maybe OpenWAG200 is a little bit too open :P

Owner

elvanderb commented Jan 4, 2014

Interesting, thank you :)
I added it to the list, maybe OpenWAG200 is a little bit too open :P

@elvanderb elvanderb closed this Jan 4, 2014

@DuaneBarry

This comment has been minimized.

Show comment
Hide comment
@DuaneBarry

DuaneBarry Jan 5, 2014

Contributor

UPDATE:
thanks of the ssh/telnet access present on OpenWAG200 and killing all of the processes called scfgmgr like you suggested in issue#61, the backdoor is not usable:

$ python poc.py --ip 192.168.200.253 --shell
probably not vulnerable (error: [Errno 111] Connection refused)

But the WebInterface become broken:
-the SETUP page is not complete
-the STATUS page display no information

Contributor

DuaneBarry commented Jan 5, 2014

UPDATE:
thanks of the ssh/telnet access present on OpenWAG200 and killing all of the processes called scfgmgr like you suggested in issue#61, the backdoor is not usable:

$ python poc.py --ip 192.168.200.253 --shell
probably not vulnerable (error: [Errno 111] Connection refused)

But the WebInterface become broken:
-the SETUP page is not complete
-the STATUS page display no information

@vittee

This comment has been minimized.

Show comment
Hide comment
@vittee

vittee Jan 6, 2014

This work for me

iptables -I INPUT -i ppp0 -p tcp --dport 32764 -j DROP

vittee commented Jan 6, 2014

This work for me

iptables -I INPUT -i ppp0 -p tcp --dport 32764 -j DROP
@elvanderb

This comment has been minimized.

Show comment
Hide comment
@elvanderb
Owner

elvanderb commented Jan 25, 2014

So?

@329229

This comment has been minimized.

Show comment
Hide comment
@329229

329229 Dec 28, 2014

Maybe that's a little bit late, but i'd like to point out that the now dead openwag200g wasn't listening on the internet after all.
(snippet from original firewall script:
SYSLOG "# ------ [ Special Port Handling ] ------------------- #"
$IPTABLES -A INPUT_TCP -i $WANIF -m multiport -p tcp --dport 23,80,32764 -j DROP
)

329229 commented Dec 28, 2014

Maybe that's a little bit late, but i'd like to point out that the now dead openwag200g wasn't listening on the internet after all.
(snippet from original firewall script:
SYSLOG "# ------ [ Special Port Handling ] ------------------- #"
$IPTABLES -A INPUT_TCP -i $WANIF -m multiport -p tcp --dport 23,80,32764 -j DROP
)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment