Automated Repair of Exploits in NETGEAR Router Binary
eschulte/netgear-repair
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
master
Could not load branches
Nothing to show
Could not load tags
Nothing to show
{{ refName }}
default
Name already in use
A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Code
-
Clone
Use Git or checkout with SVN using the web URL.
Work fast with our official CLI. Learn more.
- Open with GitHub Desktop
- Download ZIP
Sign In Required
Please sign in to use Codespaces.
Launching GitHub Desktop
If nothing happens, download GitHub Desktop and try again.
Launching GitHub Desktop
If nothing happens, download GitHub Desktop and try again.
Launching Xcode
If nothing happens, download Xcode and try again.
Launching Visual Studio Code
Your codespace will open once ready.
There was a problem preparing your codespace, please try again.
Latest commit
Git stats
Files
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
Automated Repair of Exploits in NETGEAR Router Binary NETGEAR's WNDR3700 [1] is a very popular wireless router. Version 4 of the WNDR3700 contains exploits allowing unauthenticated users to change administrative options and completely disable authentication across reboots (see [2] for a full description of the exploits). We fixed these exploits using a method of automated program repair which operates directly on binary ELF files and requires no access to source code [3]. This fix was found before NETGEAR addressed these exploits---to my knowledge NETGEAR has not yet patched these exploits in the latest release of the firmware 1.0.1.42 as of 2013-11-19. The exploits exist in the WNDR3700's web interface. A single ELF executable CGI file serves this interface and applies configuration changes made using the interface to the router. Using copies of the NETGEAR firmware running in virtual machines to evaluate the fitness of candidate repairs, our technique discovered changes to this ELF file which patch the exploits described in [2]. This repository contains the instructions, code, and tooling used to develop this repair. These tools may be used to automatically change the behavior other binary ELF executables, making it possible to fix customize and alter binaries executables without any aid from the software's developer. An article describing the exploit, the repair technique, its application, and the repairs found is available at [4] and will appear in the Genetic Improvement workshop of GECCO 2015 [5]. Please cite this article using the following bibtex [6]. Step by step instructions to reproduce this repair are given in INSTRUCTIONS. Thanks to Zachary Cutlip for help reproducing these exploits in a VM. Footnotes: [1] http://www.netgear.com/home/products/networking/wifi-routers/wndr3700.aspx [2] http://shadow-file.blogspot.com/2013/10/complete-persistent-compromise-of.html [3] http://cs.unm.edu/~eschulte/data/schulte2013embedded.pdf [4] http://eschulte.github.io/netgear-repair/pub/netgear-repair-preprint.pdf [5] http://geneticimprovement2015.com/ [6] @InProceedings{schulte2015netgear, author = {Eric Schulte and Westley Weimer and Stephanie Forrest}, title = {Repairing COTS Router Firmware without Access to Source Code or Test Suites: A Case Study in Evolutionary Software Repair}, booktitle = {GECCO'15: 2015 Genetic and Evolutionary Computation Conference Companion Proceedings}, year = 2015, editor = {William B. Langdon and Justyna Petke and David R. White}, address = {Madrid}, publisher_address = {New York, NY, USA}, month = {11-15 July}, organization = {SIGEvo}, publisher = {ACM}, keywords = {genetic algorithms, genetic programming, Genetic Improvement}, notes = {gismo http://geneticimprovement2015.com/} }
About
Automated Repair of Exploits in NETGEAR Router Binary
Resources
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published