If you’re in charge of your office Internet router, you’ve gotta be aware of that you router could be easily hackable if it’s simply protected by weak password. Researcher Dan Kaminsky will prepare a demonstration of hacking at the RSA conference how a web-based attack could seize the control of your office Internet router.
The technique Kaminsky uses is called a DNS rebinding attack, which would virtually work on all equipments that are loaded with web-based management interface including your networked printers or even your firewall.
The attack will be using a web page that is loaded with malicious JavaScript. Once the victim visits this web page, the JavaScript code will trick the browser into making changes on the web-based router administration/config page. The JavaScript could either tell the router to let the hacker to remotely take control of it or it could force the router to download new firmware, which any way could lead to the hacker to take full control of the router and the victim’s Internet communications.
The kind of DNS rebinding attack is basically taking the advantage of the way the browser uses the DNS system to decide what parts of the network it can reach. But another advantage that can lead to the attack more easily is most routers are left with weak or even default passwords for its administration web panel. Anyway, Kaminsky says the culprit that leads to this kind of attack is the issue of browser instead of the router. But, of course, if your router or other networked equipments have been changed with strong passwords then the attack can be minimized. So, do change your default password of your router now!
via [Engadget]
July 24th, 2008 at 1:31 pm
Awesome read, there is more information about this at isecuritysource.com Thanks for the article!