From Shodan to Remote Code Execution #3: Hacking the Belkin N600DB Wireless Router

Our newest post of this interesting series of Shodan to RCE takes us to Belkin routers. Shodan search: “Server: httpd” “Cache-Control: no-cache,no-store,must-revalidate, post-check=0,pre-check=0” “100-index.htm” As at the time of writing this post, there were not so many results for the Belkin routers )-: By navigating to one of the shodan search results, we may getContinue reading “From Shodan to Remote Code Execution #3: Hacking the Belkin N600DB Wireless Router”

Blackhat Europe 2017 – conference notes

I had the pleasure to attend the Blackhat Europe 2017 in London – and it was enlightening! In this post, I shall provide links to the slide decks, videos and tools shared during the demonstrations, briefings and various talks. The abstracts for the briefings can be found on the official Blackhat Europe website.   1.Black HatContinue reading “Blackhat Europe 2017 – conference notes”

Should we be worried? Huawei router …Part II

This is a follow-up of this post… Good. Now we are at par. After getting the router config as in the earlier post, I got to comb through the router config. Interesting things, I tell you. One of the parameters, X_HW_MonitorCollector has a server URL of and a tftp port of 6169. As shown above,Continue reading “Should we be worried? Huawei router …Part II”

Huawei HG8245H router “privilege escalation”…Part I

This is a prequel to this post here Well, I got to play around with my router a few weeks ago. My router, a Huawei HG8245H version, is pretty decent for home use. First things first, the login password is smack on the bottom of router as below. Most routers have a well known defaultContinue reading “Huawei HG8245H router “privilege escalation”…Part I”