Router vulnerabilities: hackers show how to trap millions of hosts

Source: Internet
Author: User

Craig Heffner, an engineer at the network security consultancy Seismic, plans to demonstrate at the U.S. Black Hat conference on Saturday (7/24) how the long-standing DNS rebinding technique can be used to attack millions of routers around the world. An automated attack tool will be published at that time.

Heffner's talk, titled "How to intrude millions of routers", is scheduled for next Thursday (7/29). He believes that the internal management interface of many routers can be accessed through a DNS rebinding vulnerability, and stresses that the attack differs from existing DNS rebinding techniques: the attacker needs no prior knowledge of the router, such as its manufacturer, model, internal IP address, or host name, and the attack does not rely on any anti-DNS-pinning technique to bypass DNS rebinding protection mechanisms.

Normally, scripts embedded in a web page can only interact with the site that served that page. DNS rebinding subverts this same-origin policy, allowing malicious scripts to reach into the private network.
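From the defender's side, the general rebinding pattern described above shows up in resolver logs as an external hostname whose answer points into internal address space, often after an earlier public answer with a very short TTL. The following is an added example, not code from the article or from Heffner's tool; the log layout, hostnames, addresses and local-zone suffixes are constructed assumptions, and it covers only the classic pattern, which the article says Heffner's variant is designed to get around.

```python
import ipaddress
from collections import defaultdict

# Ranges an external hostname should never resolve to (RFC 1918, loopback, link-local).
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
                  "127.0.0.0/8", "169.254.0.0/16")]

# Assumed suffixes of the site's own internal DNS zone.
LOCAL_SUFFIXES = (".lan", ".local", ".home.arpa")

# Constructed sample log: (seconds, queried name, answer address, TTL).
SAMPLE_LOG = [
    (0,  "www.example.org",   "203.0.113.10", 3600),
    (5,  "a1.rebind.example", "203.0.113.66", 1),
    (9,  "a1.rebind.example", "192.168.1.1",  1),
    (12, "printer.lan",       "192.168.1.20", 300),
]


def is_internal(addr):
    """True if addr falls inside one of the internal ranges above."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in INTERNAL_NETS)


def find_rebinding(log, local_suffixes=LOCAL_SUFFIXES):
    """Return alerts for external names whose answers point into internal space."""
    seen = defaultdict(list)  # name -> addresses answered earlier
    alerts = []
    for ts, name, addr, ttl in log:
        if name.endswith(local_suffixes):
            continue  # the internal zone may legitimately use internal addresses
        if is_internal(addr):
            # A prior public answer for the same name is the rebinding signature.
            flipped = any(not is_internal(a) for a in seen[name])
            kind = "public-to-internal flip" if flipped else "internal answer"
            alerts.append({"time": ts, "name": name, "addr": addr,
                           "ttl": ttl, "kind": kind})
        seen[name].append(addr)
    return alerts
```
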

Heffner will release an attack tool at the conference that automates the attack, including exploiting vulnerabilities in home routers or logging in with default credentials. It allows an external attacker to browse the web interface of the compromised router in real time, as if the attacker were located directly on the victim's network. He will also demonstrate how to remotely obtain a root shell on the Verizon FIOS router.

Router brands currently affected by Heffner's methods and tools include Linksys, Belkin, ActionTec, Thompson, Asus, and Dell, as well as products that use third-party firmware such as OpenWRT, DD-WRT and PFSense.
