JavaScript; to Attack Home Routers!
Techtree News Staff, Feb 16, 2007 1118 hrs IST
That you should change the default password on your home router - whether wired or wireless, has been ascertained by security researchers at Symantec...
That you should change the default password on your home router - whether wired or wireless, has been ascertained by security researchers at Symantec and Indiana University. The researchers have discovered that attackers can change the configuration of home routers using that 'usual suspect', JavaScript code.
The team found it is possible to change the Domain Name System (DNS) router settings, by using a connected PC to view a Web page with JavaScript code.
The change in DNS effectively allows a hacker to divert all Internet traffic passing through the router.
Senior Principal Researcher at Symantec, Zulfikar "Zully" Ramzan, said he's been able to get the proof-of-concept code to work on Linksys, D-Link, and Netgear routers, and that one can easily create a single Web site to be able to attack all routers.
Ramzan said that all kinds of home routers are susceptible to the attack - only if their default router passwords haven't been changed.
He explained that malicious JavaScript code embedded on the hacker's Web page logs on to the router using really simple default credentials, and then changes the settings.
One of the reasons why people don't change router passwords, according to Ramzan, is that typically router set-up steps do not prompt users to change passwords. As such, many people end up never properly configuring their networking gear at all.
While this research was first published in Dec 2006, Symantec has publicized the findings only as of yesterday.
As regards JavaScript's famed vulnerability, security expert from Atlanta-based SPI Dynamics, Michael Sutton, said Javascript's flexibility and power make it an increasingly common component of cyber attacks. He said people are always coming out with new tricks with JavaScript...
USER COMMENTS
Please do tell the solution for it. As a Tech Website you should suggest some Solutions and not just give the story..... As I Think !!
by hardnetin, mumbai, on Feb 17, 2007 04:26 PM, Report abuse Reply
login using Telnet <ipaddress-of-router>.. the deafult passwords would be admin or the company name like "beetel" or "admin" or something like that . you can search in google for getting deafult passwords of the router/adsl modem . Your ip address of the router would probably be 192.168.1.1 after running the telnet application log in with your default password and then use the command "passwd" to change the password of your router or adsl modem . Hope this is good enough
by Pradeep, Chennai, on Feb 17, 2007 05:38 PM, Report abuse
VIEW ALL LATEST
Leaked: HTC's WiMAX enabled T8290
News > Gadgets , October 11, 2008 1151 hrs IST
A new model that looks like the HTC Touch HD with WiMAX capability ...
Cheap Holographic Storage To Come Home
News > Hardware , October 11, 2008 1107 hrs IST
Will hold from 300 GB to 1 TB ...
Windows 7 Will Refine UAC
News > Software , October 11, 2008 1003 hrs IST
Will cease annoying you as much ...
iPhone Gets Brian Eno's Music
News > Gadgets , October 10, 2008 1759 hrs IST
Bloom app brings soothing music to your ears ...
Quantum Cryptography-New Kid on the Security Block
News > Security , October 10, 2008 1750 hrs IST
New solution for the ultra paranoid ...
MOST REQUESTED REVIEWS
S-Media NEWS
|
Sony Intros Wall Mountable VAIO NBThe new VAIO has a 19-inches screen framed by a transparent bezel to blend into... |
|
JavaScript; to Attack Home Routers!That you should change the default password on your home router - whether wired... |
|
S-Media 4 GB Microdrive LaunchedComputer Kitchen has launched the S-Media 4 GB Microdrive. The 1 inch... |
S-Media REVIEWS
|
S-Media CoCoPodReviews | Entertainment | Portable Audio/Video | 29 Mar 2004 When it comes to hard drive-based MP3 players, the iPod from Apple does lead... |
|
S-Media ButterflyReviews | Entertainment | Portable Audio/Video | 23 Mar 2004 With MP3 players becoming a common sight in the market, many manufacturers have... |
|
S-Media GeForce FX 5600Reviews | Peripherals | Graphics Accelerators | 22 Jul 2003 The GeForce FX 5600 is to the FX series what Ti 4200 was to the GeForce 4... |
S-Media USER REVIEWS
Security NEWS
|
Gandalf Rides Again. Ish.Will now use terrorists' cell phones to send them back to Mount Doom |
|
GPS Prone To BuggeringBriefcase-sized affair can muddle GPS signals |
|
Microsoft And The Fight Against "Scareware""Critical Errors" all hooey, they say |
Security REVIEWS
Security USER REVIEWS
MOST POPULAR NEWS
|
Could A DVR Save Your Marriage?News | Consumer Electronics | 04 Sep 2008 ...Or should you stick to your shrink? |
|
Firefox Counters Chrome's Speed TestAccording to Mozilla's SunSpider test, Firefox 3.1 is 28% faster than Chrome on ... |
|
Nokia N96 for Rs. 40,000?False alarm everyone... We have learnt from Nokia that the N96 will be priced be... |
MOST POPULAR REVIEWS
MOST POPULAR GAMES
MOST POPULAR DOWNLOADS
|
Forbidden.exe |
|
md5deepDownloads | System Tools | 04 Sep 2008 |
|
RivaTunerDownloads | System Tools | 03 Sep 2008 |
abc
by Hai, HCM, on Aug 29, 2007 07:24 AM, Report abuse Reply