exploit

Alpha Networks Inc. Want to Backdoor Your Router


Recent news posted on the Dev ttyS0 blog reports that a spin-off company of D-Link called Alpha Networks Inc. has embedded a backdoor in various D-Link and Planex firmware.

The blog post, titled “Reverse-Engineering a D-Link Backdoor”, does a great job of showing the step-by-step process the author took to find the backdoor. There are nice visual diagrams and code fragments too.

In a nutshell, the genius programmers at Alpha Networks Inc. wrote some programs or services that needed to change the router's settings remotely. Knowing that the HTTP server on the device could do this, they thought to re-use its functionality. Yeah, 1 step forward, but it needs a password to log in, so they thought to add a routine that bypasses the authentication check based on a static user-agent: 2 steps backwards, or rather 100 steps backwards into a pit of stupidity.

It’s bad enough that one or more programmers thought of doing this; it is even worse when you see what the user-agent string is. Here, have a look:

xmlset_roodkcableoj28840ybtide

Now for the grand moment of where genius meets idiot, spell that backwards!

editby04882joelbackdoor_teslmx

Yeah, thanks “Joel”, and I bet 04882 must be your employee ID code or something else that might be personally or professionally related to you. Thanks for backdooring D-Link firmware. This was already found by Russian hackers in 2010, so who knows how long this might have been exploited for.

*** Update ***
Buffer overflow exploit proof-of-concept code has been posted on devttys0.com; check it out here.
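Because the bypass is keyed on one fixed User-Agent value, past use of it can be looked for in any HTTP log that records that header. The following is an added example, not code from this post or from the Dev ttyS0 write-up; it assumes Apache/Nginx "combined" format logs from a proxy or sensor in front of the router's web interface, and the sample lines, paths and addresses are constructed.

```python
import re
from collections import defaultdict

# User-Agent value quoted in the post; the firmware skips the login check for it.
BACKDOOR_UA = "xmlset_roodkcableoj28840ybtide"

# "combined" log format (assumed source: a proxy or sensor in front of the router).
LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)"'
)

# Constructed sample lines (documentation IP ranges, made-up paths), not real traffic.
SAMPLE_LOG = """\
192.0.2.10 - - [14/Oct/2013:09:12:01 +0000] "GET /settings.html HTTP/1.1" 401 512 "-" "Mozilla/5.0 (X11; Linux x86_64)"
198.51.100.7 - - [14/Oct/2013:09:14:33 +0000] "GET /settings.html HTTP/1.1" 200 4096 "-" "xmlset_roodkcableoj28840ybtide"
198.51.100.7 - - [14/Oct/2013:09:14:40 +0000] "POST /apply.cgi HTTP/1.1" 200 128 "-" "xmlset_roodkcableoj28840ybtide"
203.0.113.5 - - [14/Oct/2013:10:02:11 +0000] "GET /missing.html HTTP/1.1" 404 0 "-" "xmlset_roodkcableoj28840ybtide"
"""

def find_backdoor_requests(lines):
    """Return one record per request whose User-Agent carries the backdoor value."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not a combined-format line; skip it
        # Substring match so a padded or wrapped header value is still reported.
        if BACKDOOR_UA in m["ua"]:
            hits.append({"ip": m["ip"], "time": m["ts"], "path": m["path"],
                         "status": int(m["status"])})
    return hits

def summarize(hits):
    """Group hits per client and count those the server answered with 2xx."""
    per_ip = defaultdict(lambda: {"requests": 0, "accepted": 0})
    for h in hits:
        per_ip[h["ip"]]["requests"] += 1
        if 200 <= h["status"] < 300:
            per_ip[h["ip"]]["accepted"] += 1
    return dict(per_ip)

if __name__ == "__main__":
    for ip, c in summarize(find_backdoor_requests(SAMPLE_LOG.splitlines())).items():
        print(f"{ip}: {c['requests']} request(s), {c['accepted']} accepted")
```

A client with a non-zero "accepted" count reached a page without logging in, so the device's configuration should be treated as untrusted from the first such timestamp.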


Root Exploit on Samsung Devices Using Exynos Chips


A root exploit has been discovered on the XDA-Developers forum by member alephzain. They state that this exploit works without having to flash the ROM using ODIN.

alephzain explains that the Exynos device file in the kernel, /dev/exynos-mem, is readable and writable by all users. Many have suggested that a simple fix would be to change the permissions with chmod to 0660 or 0600. However, forum member AndreiLux suggests that this may disrupt camera services on the device, and that a better solution would involve “limit[ing] the access to the DMA memory spaces”.

Then... yes 🙂, a point-and-click exploit APK has been made that lets users run the exploit and obtain superuser privileges. It also lets you patch the exploit and un-patch it again. The APK file has been posted on the XDA-Developers thread, authored by Chainfire.

On a side note, the name “alephzain” kind of translates to “thousand good” or “a thousand good things” 🙂

** EDIT **
Just used Chainfire’s exploit APP. Works like a charm on my Samsung Galaxy S3! Now I can use the firewall to block apps from getting ads.