forked from elvanderb/TCP-32764
-
Notifications
You must be signed in to change notification settings - Fork 0
some codes and notes about the backdoor listening on TCP-32764 in linksys WAG200G.
License
rdooley/TCP-32764
Folders and files
Name | Name | Last commit message | Last commit date | |
---|---|---|---|---|
Repository files navigation
Some random code/data about the backdoor I found in my Linksys WAG200G (TCP/32764). The backdoor may be present in other hardware, I'll update this readme accordingly :) Probable source of the backdoor: - SerComm https://news.ycombinator.com/item?id=6998258 (nice finding :) ) Backdoor confirmed in: - Linksys WAG200G - Netgear DM111Pv2 (https://twitter.com/eguaj/status/418143024019816448) - Linksys WAG320N (http://zaufanatrzeciastrona.pl/post/smieszna-tylna-furtka-w-ruterach-linksysa-i-prawdopodobnie-netgeara/) - Linksys WAG54G2 (https://twitter.com/_xistence/status/418616691040350208) - DGN1000 Netgear N150 (elvanderb#3) - Netgear DG834G V2 firmware 4.01.40 (thanks Burn2 Dev) - Diamond DSL642WLG / SerComm IP806Gx v2 TI (https://news.ycombinator.com/item?id=6998682) Backdoor may be present in: - Netgear DG934 [probability: 99.99%] (http://codeinsecurity.wordpress.com/category/reverse-engineering/) - Netgear DG834 (http://www.netgear-forum.com/forum/index.php?showtopic=6192) - Netgear WPNT834 (http://forum1.netgear.com/showthread.php?p=270354) - Netgear WG602, WGR614, DGN2000 (http://zaufanatrzeciastrona.pl/post/smieszna-tylna-furtka-w-ruterach-linksysa-i-prawdopodobnie-netgeara/) - Linksys WAG120N, WAG160N, WRVS4400N (http://zaufanatrzeciastrona.pl/post/smieszna-tylna-furtka-w-ruterach-linksysa-i-prawdopodobnie-netgeara/) - all SerComm manufactured devices (https://news.ycombinator.com/item?id=6998258) Backdoor is not working in: - Netgear WGR614v7 (thanks "Martin from germany" [your e-mail doesn't work]) - Netgear WNDR3700 (https://twitter.com/juliengrenier/status/418748575842304000) - Netgear CG3100 (elvanderb#6) - Netgear WGR614v9 (elvanderb#7) - Linksys WRT54GS v1.52.8 build 001 (thanks Helmut Tessarek) Some clarifications: I didn't want to lose my time in writing a full report, it's a very simple backdoor that really doesn't deserve more than some crappy slides. Moreover, my English is quite bad I had a lot of fun in writing / drawing those slides, all the necessary informations are in them, if people don't understand them or find them "too full of meme" then - well - it's too bad for them :)
About
some codes and notes about the backdoor listening on TCP-32764 in linksys WAG200G.
Resources
License
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published
Languages
- Python 100.0%