xorl %eax, %eax

Viking GS8100 Router

with 2 comments

After my last successful access to a home router I spend some time online finding similar devices. Today I found a Viking GS8100 router with default username/password and of course wide open to everyone.

username: admin
password: admin

This is not something new, everyone is expecting that some hopeless home users have their broadband routers on their default installations. But this had a static IP and after a quick whois I found that this belongs to a Costa Rica company who owns a /21 netblock. Well, here is a screenshot from the web interface of that router (blurred IPs for obvious reasons).

viking pwn 1

And here is the same router from telnet:

viking pwn 2

It’s kind of hard to believe that companies do not even change their default passwords on publicly accessible network devices. In addition to this, the above router had IP over ATM connection with another similar router from the same netblock which had default settings too!

viking pwn 3

And here is the second router’s main menu.

viking pwn 4

Honestly, I have no idea on what to say about this “corporate” network setup. Even the most stupid attacker can own their internal network in a few minutes. Pathetic.. yeah. That’s the word!

Written by xorl

February 20, 2009 at 05:19

Posted in network devices

2 Responses

Subscribe to comments with RSS.

  1. I think you can trigger a null pointer deref in these devices by logging in via ftp using a blank password. Semi-funny story, I recall a co-worker getting hammered by some worm from a user behind one of these. He asked me if I knew how to stop it, so I said “yeah let’s see”, quick nmap, ftp login as “ftp” with blank password, crash and burn in <20 seconds, hammering stopped.

    dude

    April 3, 2009 at 11:59

  2. How can you enable Remote Access having that kind of information? Is it possible? I am trying to change registry values in the remote server to enable it through telnet but I am still unable to do it so.

    Private

    May 31, 2009 at 08:46


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s