From Shodan to Remote Code Execution #3: Hacking the Belkin N600DB Wireless Router

Our newest post of this interesting series of Shodan to RCE takes us to Belkin routers.

Shodan search:

“Server: httpd” “Cache-Control: no-cache,no-store,must-revalidate, post-check=0,pre-check=0” “100-index.htm”

belkin shodan search

As at the time of writing this post, there were not so many results for the Belkin routers )-:

By navigating to one of the shodan search results, we may get such a dashboard, which in itself may be reported as a security vulnerability? – unauthorized access?, information disclosure?

belkin dashboard_

 

Getting key, method #1

By navigating to the link http://target//langchg.cgi and view the source..

key1_

The key can be clearly seen above, without authentication!

Getting key, method #2

By navigating to the link http://target/adv_wifidef.cgi and view the source..

key2_

Again, the key can be clearly seen above, without authentication!

 

Credits to the exploit author: Wadeek.

 

Advertisements

One comment

  1. Thanks for sharing interesting topic point of belkin routers because no where is talking about routers hacking. Waiting for next interesting post.
    Now i am coming at my section :- If anyone wants answer of this question then go through with our link :

    How do I access the web-based setup page of the router?

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s