fredlaso Posted November 2, 2014 Share Posted November 2, 2014 Security researcher David Longenecker has identified a flaw in RT series ASUS wireless routers which allows an attacker to install malicious firmware through a MITM attack.The list of affected devices includes RT-AC68U, RT-AC68U, RT-AC66R, RT-AC66U, RT-AC56R, RT-AC56U, RT-N66R, RT-N66U, RT-N56R, and RT-N56U. However, according to the expert, RT-N53, RT-N14U, RT-N16 and RT-N16R could also be impacted since they use the same firmware base.Attack ScenarioWhen the ASUS RT routers check for firmware update, it download a file from http://dlcdnet.asus.comto identify the version and to download the appropriate firmware. The attacker performs MITM attack while the target downloading the first file. That means an attacker can change source of the firmware to his/her server. Since the flaw allows the installation of maliciously crafted firmware, it can infect the router and an attacker could be able to control target's traffic and steal sensitive data.Security researcher said "Since there is no SSL connection (no HTTPS), there is no SSL certificate to prove the identity at the other end, meaning we can conduct a man-in-the-middle attack. There are lots of ways to do this, but the easiest is to simply tell the router that dlcdnet.asus.com goes to your server instead of to the actual ASUS server.""Clicking the 'Check' button on the firmware upgrade screen queries our server instead of ASUS, finds that a "new" firmware is available, and downloads it. ASUS does some file integrity checking that I have not found a way around (though I believe it would be possible to use Firmware Mod Kit to modify a legitimate binary in a way that the upgrader would accept). I was successful though in taking an older genuine firmware (one with specific known vulnerabilities) and renaming it as a newer version. The router happily accepted that and "upgraded" to the older version," he added.http://www.effecthacking.com/2014/10/flaw-in-asus-wireless-router-allows.html Link to comment Share on other sites More sharing options...
Beamslider Posted November 2, 2014 Share Posted November 2, 2014 Asuswrt_merlin firmware is better and this is just another reason to use it instead.http://www.lostrealm.ca/tower/node/134 Link to comment Share on other sites More sharing options...
Cataract Kid Posted November 3, 2014 Share Posted November 3, 2014 I totally agree and that is why Merlin is on my Asus router. :D Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.