Hacking WRT54G with Linux

Hacking WRT54G with Linux. Presentation prepared by: Dan Scarberry, TJ Dziedzinski, Jeremy Leung. 2114. Overview. First, it relies on the Linksys bug in the ping utility. The ping hack is done as follows: 1. Go to the System tab of the router config. 2. Hit the "ping test" button.


Presentation Transcript


  1. Hacking WRT54G with Linux
     Presentation Prepared By: Dan Scarberry, TJ Dziedzinski, Jeremy Leung
     2114

  2. Overview
     • First, it relies on the Linksys bug in the ping utility
     • The ping hack is done as follows:
       1. Go to the System tab of the router config.
       2. Hit the "ping test" button.
       3. Anything that is included in the "IP Address or Domain Name" box will be executed once you hit ping, provided the command is enclosed in ` ` marks, i.e. `/usr/sbin/wl -i eth2 txpwr 84`

  3. Overview Cont.
     • Two types of installs
       • RAM Disk
       • Creating Your Own Firmware
       • A Pre-built Firmware Upgrade
     • Router Hardware:
       • 125 MHz MIPS Processor
       • 16 MB RAM
       • Kernel 2.4.5

  4. WTF?

  5. RAM Disk Install
     • Use www.batbox.org/wrt54g-linux.html to download software
     • Can install with Linux or OS X (they are almost the same)
       1. Modify the script called wrt54g.sh to change the IP address and password of the router. It uses Java. If you prefer to use WGet, just un-comment the line in the script.
     ***It is not known whether the script works with the new version of the Linksys firmware, but you can download and update from their site. This one is being tested on 2.02.2***

  6. Editing the Script
     • Open the file with the command: nano wrt54g.sh
     • To use WGet uncomment these lines:
         # PROGRAM="wget --quiet --http-user=$USER --http-passwd=$PASSWORD"
         # EXTRA=""
         # if you want to use curl, uncomment this
         #PROGRAM="curl --silent --output /dev/null --user admin:$PASSWORD"
         #EXTRA=""

  7. Router Identification
     • Insert your router's IP address here:
         # the IP address of your wrt54g
         HOST=192.168.1.1
     • And its login password here:
         # the login password on your wrt54g
         PASSWORD=YourPassword
     • Close script and save changes

  8. Piecing Together Your Package
       2. Before executing the script you'll decide what packages to include:
     • The file that you download is called distro.tar
     • Untar it and then you can add or subtract files from it.
     • By default it has SSH, Snort, and iptraf
     • Re-tar the file when done.
     • You want to power cycle the router to clear the RAM disk after each execution of the script

  9. Running the Script
     • Still at the console, type in "./wrt54g.sh"
     • Run that and you should see a screen that says:
         - Installing to 192.168.1.2
         - Making copy of receive tool
         - Starting receive tool
         - Sending bootstrap
     • After that, you should be able to Remotely Connect to the box.

  10. WTF?

  11. Creating Your Own Firmware
     - Check out this site for a complete guide on using CramFS to create your own: http://www.seattlewireless.net/index.cgi/LinksysWrt54g#head-a1fd58ae09a5a3081e9851a6c18cccd65529da88
     - Or you can use wrtgen at this site: http://nocat.net/downloads/wrtgen/
     And those will create your binaries for ya

  12. WTF?

  13. Pre-built Firmware Upgrade
     • We can go with prebuilt binaries from companies such as Sveasoft
       • www.sveasoft.com
       • Quick, easy, and it has a huge amount of great utilities
       • SSH, Telnet, Cron, WDS
       • You can clear everything on the network by DNS (names)
     • Or you can create your own by using programs such as CramFS and WrtGen
       • The advantage of creating your own is that you can do bad things like
         • Trojans, backdoors, etc.
       • Or good things like customizing to your liking

  14. Pre-built Firmware Install
     - This site has links to where to download the firmware for free:
       • http://slashdot.org/~Theindividual/journal/
     • We're going to be using Sveasoft.Firmware.Alchemy_6rc5
     • Unzip the zip file
     • Log into your router
     • Find the Firmware Upgrade tab
     • Click on browse and navigate to the bin file that you extracted from the zip file
     • Then power off the router
     • Turn it on and check out the services
     • Try putting programs on it
       • Kismet - Rasmus's Toy Page
       • WinSCP
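
Added example, not part of the original presentation and not Linksys code: slide 2 describes a ping form whose input reaches a shell, so text inside backticks is executed. The sketch below shows an assumed form of that unsafe pattern next to a hardened one that allow-lists the field and runs ping without a shell. The function names and the `ping -c 4` arguments are hypothetical.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Vulnerable pattern (assumed, for illustration): the form field is pasted
 * into a shell command line, so `...` inside it is run by /bin/sh first. */
int build_ping_cmd_unsafe(char *out, size_t n, const char *target) {
    return snprintf(out, n, "ping -c 4 %s", target); /* later: system(out) */
}

/* Allow-list check: 1..253 chars of [A-Za-z0-9.-], not starting with '-'
 * (which ping would parse as an option). Returns 1 if acceptable. */
int is_safe_ping_target(const char *t) {
    size_t len = strlen(t);
    if (len == 0 || len > 253 || t[0] == '-') return 0;
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)t[i];
        if (!isalnum(c) && c != '.' && c != '-') return 0;
    }
    return 1;
}

/* Hardened form: validate, then exec ping directly with an argv array so no
 * shell ever parses the field. Returns ping's exit status, or -1 if refused. */
int ping_safe(const char *target) {
    if (!is_safe_ping_target(target)) return -1;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        execlp("ping", "ping", "-c", "4", "--", target, (char *)NULL);
        _exit(127); /* exec failed */
    }
    int status = 0;
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void) {
    /* Constructed inputs; the second is the string shown on slide 2. */
    const char *samples[] = { "192.168.1.1", "`/usr/sbin/wl -i eth2 txpwr 84`" };
    for (int i = 0; i < 2; i++)
        printf("%-34s -> %s\n", samples[i],
               is_safe_ping_target(samples[i]) ? "accepted" : "rejected");
    return 0;
}
```

The allow-list alone blocks the backtick input; passing an argv array to exec is the second layer, so a gap in the filter still does not reach a shell.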