Router Hacking Challenge.

Publicated on : 1201967546
#index.html# 0x000000.js 0x000000.txt 0x000001.js 0x000002.js 0x000003.js 0x000004.js 0x000005.js 0x000006.js 0x000007.js 0x000008.js 0x000009.js 0x00000A.js all.back all.html all.txt anal articles articles_old crowl.html index.html jquery-1.3.2.min.js split.sh while update #index.html# 0x000000.js 0x000000.txt 0x000001.js 0x000002.js 0x000003.js 0x000004.js 0x000005.js 0x000006.js 0x000007.js 0x000008.js 0x000009.js 0x00000A.js all.back all.html all.txt anal articles articles_old crowl.html index.html jquery-1.3.2.min.js split.sh while
We now have a joined project with gnucitizen to host and publish the results when the challenge ends. The project link can be found here: http://www.gnucitizen.org/projects/router-hacking-challenge

I decided to put up a little challenge.

I'm intrigued by router issues, the folks at gnucitizen have submitted numerous router exploits in the last months. Problem is, they hack their own router brand. Something I cannot test myself because I don't own it. Since I'm always short on the green, I thought it would be a good idea for each of us to inspect and pentest our own router. This way we can figure out how severe the router vulnerability landscape really is. The incentive is that you'll learn hacking routers, and this way you get something out of it also. So are you up to it? can you handle it? can you find a vulnerability in your personal router? Then you are the perfect candidate to join!

The contest runs from 2 February until 29 February. If there are enough submissions, I will write about it and compose a list of the best router hacks that where submitted. I also pick my personal favorite out of that list as the main winner. The Hacker Webzine currently grows each day. The site has 100 to 150K hits each week, so this can give you a lot of attention and spotlight! The rules are very flexible, every kind of exploit is allowed. From buffer overflows to CSRF issues that plague many routers. My personal favorites are CSRF issues since they always work in any situation.

You can submit your entries to this email: hackerwebzine[at]gmail[dot]com.

Happy router hacking!

For some inspiration, you can visit gnucitizen.org or take a look at this example that shows a CSRF issue that was discovered last week on the 2Wire router brand: