unity

Linksys BEFSR41 router

8 posts in this topic

Anyone have any knowledge on hacking a Linksys BEFSR41 router? When I say hacking, I mean getting root. I don't really know where to go for info, but I thought someone here might know. Basically, I have the IP of the router, and the router has a web-based configuration system that needs a username and password.

Anyone familier with this?

0

Share this post


Link to post
Share on other sites

when you login to a linksys router (like my own for example) you don't put a username, just a pass, and the default pass is admin

0

Share this post


Link to post
Share on other sites

there was a replacement Linux distro for use on one of the Linksys routers posted on /. a while back.. IIRC, it exploited something in the web interface (after you were logged in).

other than that, all of the exploits I know of merely allow you to bypass the basic auth, and are only an option when remote administration is turned on for the WAN side.

0

Share this post


Link to post
Share on other sites
there was a replacement Linux distro for use on one of the Linksys routers posted on /. a while back.. IIRC, it exploited something in the web interface (after you were logged in).

other than that, all of the exploits I know of merely allow you to bypass the basic auth, and are only an option when remote administration is turned on for the WAN side.

that was the linksys WRT54G, btw.

0

Share this post


Link to post
Share on other sites

Take a look at:

http://www.securiteam.com/securitynews/6H004156AO.html

Also, click this link while associated with it to test the linksys router:

http://192.168.1.1/Gozila.cgi?sysPasswd=admin&.xml=1>

I have had this work on a few occasions. That will reset the password to admin if the Linksys router in question is running a certain firmware version listed in the securiteam link. You may need to change the above link so it says Gozilla. That's two L's instead of one.

Search securiteam for more linksys router exploits.

Hope this helps.

0

Share this post


Link to post
Share on other sites

I can confirm the above as working on my Linksys running

Firmware Version:      1.44.3, Feb 13 2003
0

Share this post


Link to post
Share on other sites

i believe that works on the BEFSR11 as well. as for remote administration, it will not allow you to enable it unless you use something other than the default pass

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now