Like every other website on the planet, SmallNetBuilder uses cookies. Our cookies track login status, but we only allow admins to log in anyway, so those don't apply to you. Any other cookies you pick up during your visit come from advertisers, which we don't control.
If you continue to use the site, you agree to tolerate our use of cookies. Thank you!

Router Charts

Click for Router Charts

Router Ranker

Click for Router Ranker

NAS Charts

Click for NAS Charts

NAS Ranker

Click for NAS Ranker

More Tools

Click for More Tools

NAS How To

How To: Hacking the Linksys NSLU2 - Part 1

Details: Published: Tuesday, 03 August 2004 08:08; Written by Jim Buzbee

Tags:

Finding a back door

A quick port-scan looking for open ports showed nothing of interest. Searching through all of the standard menus was fruitless as well. It was time to get creative.

A standard technique for accessing the internals of device such as these is to look for back doors. Developers of these devices need easy visibility into the running system and often leave a way to get in or to run tests. Sometimes this requires special development hardware, but it is also common for developers to get into the device through the a network connection.

The obvious place to start looking was in the web interface. I had noticed that all of the Administration menus were in a web subdirectory named Management. Since I knew that webservers can provide a listing of the contents of a directory depending on the webserver configuration, I decided to try this simple exploit by typing http://192.168.3.77/Management/ into my web browser. Bingo! I was rewarded with a complete listing of all of the files in the directory.

Ed. Note: This directory listing ability has been removed as of the V2.3R25 NSLU2 firmware

Included in the list of jpg and html files was a little gem called telnet.cgi. Step one complete. A potential back door discovered. Execution of the script showed the following screen:

Figure 2: Telnet enable screen

Disregarding the warning, I pushed the "Enable Telnet" button. The web page refreshed and I was greeted with the same screen except the message indicated that Telnet was now enabled! One step closer...

Discuss this in the Forums

More NAS

Wi-Fi System Tools

Check out our Wi-Fi System Charts, Ranker and Finder!

Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Most Read This Week

...

Over In The Forums

Daylight Savings / Parental Controls - Time Scheduling - Merlin 386.1 beta 4 + Asus 3.0.0.4.386.41535

Hi - This week I decided to upgrade my existing AC68U running merlin to an AX86U. I have been spending time today setting up the AX86U and installed M...

Asuswrt-Merlin 386.1 Beta (stage 2) is now available

Continuation of the first thread which covered beta 1 through 3.Jan 25th: Beta 5 is now available. Changes since Beta 4:Code: 3790c8fe9a Updated docu...

ASUS RT-AC87U with Frontier 500/500 FiOS service?

I have had FiOS service here for many years (originally through Verizon, now through Frontier) for internet (75/75), TV, & our landline phone. The pho...

Router admin panel requires WAN access?

Got an XT8 over the holidays. Overall have been very happy with it (uptime of 20 days, great coverage, no incidents, etc).As a result of today's ongoi...

Samsung Announces Wi-Fi 6E 5G phone

For those of you aching to be beta-testers for the first 6E routers, here's a phone to go with them. Samsung Galaxy S21 Ultra: The Ultimate Smartphon...

Don't Miss These

First Peek At Wi-Fi 6: ASUS RT-AX88U & NETGEAR RAX80

Updated - Our first look at the performance of NETGEAR's RAX80 and ASUS' RT-AX88U shows little benefit functioning as AC routers.

Read More
5 Things To Know Before You Buy A Draft 11ax Router

Updated: The first draft 11ax routers are almost here. Take a little time to know what you might be buying into.

Read More
160 MHz Wi-Fi Channels: Friend or Foe?

Updated - 160 MHz channel bandwidth is an essential feature of 802.11ax. We take a look at whether it means trouble for your 11ac network.

Read More
Wi-Fi Roaming Secrets Revealed

Ever wonder what happens behind the scenes when Wi-Fi devices roam, or more likely don't? We'll show you why the "seamless" roaming Wi-Fi gear makers promise is still as elusive as a Yeti.

Read More

1
2
3

› ‹