1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

WRT54GX EU 1.02.02 Firmware - Hidden Pages / Security Holes

Discussion in 'Linksys Official Firmware' started by dr_vibes, May 25, 2005.

  1. dr_vibes

    dr_vibes Guest

    Glancing through the Linksys EU 1.02.02 firmware binary, I found references to some unlinked web config pages . . . d'oh if this is old news . . .

    /wifi.htm - Advanced wireless features.
    /test.htm - EMI / Lab testing page.
    /fw_id.htm - Another testing/info page.
    /Site_Suvery.htm - A mispelled Site Survey page. Not sure it works.
    /wizard.htm - A page to support the install program.

    Unfortunately, testing wizard.htm reveals some disturbing things. For one, it gives out all the passwords in plaintext. If that's not bad enough, it works without authentication! (No HTTP 401). Even worse, if you're brave (stupid?) enough to enable remote management, it works perfectly over the WAN, no auth required. :oops:

    Example wizard.htm output:
    -----------------------------------------------
    <>
    pppoe_username:
    pppoe_passwd:your_password_visible_here
    wan_proto:
    m_wan_hostname:
    m_wan_domain:
    m_wan_ipaddr:
    m_wan_netmask:
    m_wan_gateway:
    m_wan_dns:
    http_passwd:your_password_visible_here
    wl_ssid:W1R3L355
    wl_channel:14
    router_name:
    wl_auth_mode:psk
    wl_wpa_psk:159E448C91blahblahblah
    wl_wep:tkip+aes
    wl_key:1
    wl_key1:
    wl_key2:
    wl_key3:
    wl_key4:
    wl_passphrase:
    wl_wep_bit:
    mac_clone_enable:0
    wancablelink:
    ------------------------------
     
  2. Airey001

    Airey001 Network Guru Member

    I can't believe how little attention this is getting. This is a major security problem for anyone that owns a WRT54Gx Router. I verified this that his page wizard.htm doesn't require a password and it does tell your dsl and router password in plain text i called linksys to see if they had a beta firmware to fix this and they knew nothing of it and would have to look into it. This seems to affect all firmware versions of this router.
     

Share This Page