Page 1 of 1

WAP Backdoor

PostPosted: Fri Jan 31, 2003 7:58 am
by sysadmn
I stumbled across this on the Wardriving.Com blog. It's a couple of months old, but still (IMHO) newsworthy.

It seems that the OEM SW developer put a backdoor in their software. By sending the word "gstsearch" to a particular port, the WAP will reply with the WEP keys, mac filter settings, and admin password! It gets worse: this works from either the LAN or WAN interface! This definitely falls into the "WTF were they thinking?' category. Or did someone forget to #define before production release?

Nothing to worry about, unless your vendor bought this software. Anyone want to test the Linksys WAP11-V2.2?

http://archives.neohapsis.com/archives/bugtraq/2002-11/0008.html

PostPosted: Fri Jan 31, 2003 12:03 pm
by Jaffo