The Router Hacking Contest Results.

AbstractThe software on routers is a relatively unexplored area. With this in mind, it is no surprise that with our combined knowledge of network security and webapplication security, a further exploration of this landscape was only a matter of time. It is easy to understand that routers are already exploited by so called drive-by malware, because if you own the traffic originating source you can perform almost any command at will. The security landscape always changes, from the network to webapplication. This time it will shift between the best of both worlds. While the net becomes richer in technology, so will the attack vectors. Three weeks ago I launched a joined challenge with Gnucitizen to give readers a chance to join and inspect and hack their own router. It has been a unique contest that sparked the attention by many. 1st of March and all submissions are in and I'm very excited about the results and the exploits that are released. This research is important because it gives us an overview of the kind of vulnerabilities that exists within routers and other embedded devices. Hacking RoutersThe main problem with many routers is the authentication. As known, most routers come with default login credentials. This was not our field of research, because that is very well known fact. We wanted to see if there are other ways of attacking a router. Looking at the exploits, it is clear that authentication isn't always mandatory. If it is, we still could use CSRF and Javascript to do it for us. CSRF is almost undeniable the most dangerous method you can imagine to access a router remotely. The problem with this, is that routers usually do not utilize unique session tokens. But it can be far worse, if Javascript injection is possible e.g. XSS in the router, even proper tokens could fail. When both are possible, it will render all security useless for the router. It is important to understand that many attacks can be launched in stealth, which makes it a serious issue to be concerned with.Conclusion.A key thing to notice is that the use of web application based attack vectors can literally own the network. With Javascript and CSRF as our tools it is possible to smash your network security, your firewalls, your switches and your AV software or any other network based protection measure. If you are into network security and don't have much knowledge about web application hacking and security, it is time to start reading up on it. Overall it is time to accept that security isn't solely network based anymore. The vectors below are listed and gathered from various resources where the contest held place. Some are already acknowledged by the vendors, but the gross of them are zero-days and if you own a router that is listed below, you might want to consult a security expert in order to secure your router. The submissions proved to us once again that Javascript is the main culprit and that CSRF