Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Security Wireless Networking China Communications Java Network Networking Privacy Software The Internet News Technology

BHU's 'Tiger Will Power' Wi-Fi Router May Be The Most Insecure Router Ever Made (softpedia.com) 62

An anonymous reader writes from a report via Softpedia: A Wi-Fi router manufactured and sold only in China can easily run for the title of "most insecure router ever made." The BHU router, whose name translates to "Tiger Will Power," has a long list of security problems that include: four authentication bypass flaws (one of which is just hilarious); a built-in backdoor root account that gets created on every boot-up sequence; the fact that it opens the SSH port for external connections after every boot (somebody has to use that root backdoor account right?); a built-in proxy server that re-routes all traffic; an ad injection system that adds adverts to all the sites you visit; and a backup JS file embedded in the router firmware if the ad script fails to load from its server. For techies, there's a long technical write-up, which gets funnier and scarier at the same time as you read through it. "An attacker authenticating on the router can use a hardcoded session ID (SID) value of 700000000000000 to gain admin privileges," reports Softpedia. "If he misspells the SID and drops a zero, that's no problem. The BHU router will accept any value and still grant the user admin rights."
This discussion has been archived. No new comments can be posted.

BHU's 'Tiger Will Power' Wi-Fi Router May Be The Most Insecure Router Ever Made

Comments Filter:
  • by mspohr ( 589790 ) on Monday August 22, 2016 @07:17PM (#52752355)

    They clearly went to a lot of trouble to make it easy to access this router.
    I think we should give them credit for the "most user friendly router".
    Really, think of all the times you have had to battle with passwords, IDs, etc. to get access to your router... what a drag.
    Anybody can get into this thing.

    • by Anonymous Coward

      You're joking, but I've actually had marketing demand a website have unlimited user sessions; because if users have to bother entering their password again, they might just shop elsewhere.

    • At one point, while working on a team which was developing a custom web interface to a telephone system, our manager *insisted* that an HTTP GET method be added called "override". If the user requesting the web page manually added "override=1" to the URL string... all authentication was bypassed, allowing full access to that phone tree. That company and all software is long gone now but the override=1 remains as a fun joke among the ex-team members.

  • by Anonymous Coward
    It's China. Anything goes.
    • by swalve ( 1980968 )
      I have to wonder if the manufacturer is to blame, or if someone hacked them.
      • Does that matter?

        Of course you wouldn't want to buy stuff from a company that makes deliberately insecure products, but would it be any more trustworthy if a router manufacturer "only" got hacked?

  • by Anonymous Coward

    Yeah, it's "sold only in China" until we find out some American company imported them by the boatload, slapped their own plastic case around them, and are selling them under another brand. It wouldn't be the first time.

    • And they'll sell like crazy at the Best Buy Black Friday for only $5.99 (quantities limited).

  • by Anonymous Coward

    This... is probably one of the worst product break-downs I've read in my entire short life as a software dev. Who coded this ****, a monkey?

    The fact that it re-writes the root password and opens the SSH port means it's intentional 100%.

    • by Anonymous Coward

      Who coded this ****, a monkey?

      Come on now, you can say shit, promise. We're all fucking adults in here.

      • We're all fucking adults in here.

        I imagine that like with any community of people, there are some that are fucking kids instead of adults, and as this is Slashdot, there are many of us that aren't even fucking at all.

  • by Voyager529 ( 1363959 ) <voyager529@yahoo. c o m> on Monday August 22, 2016 @09:19PM (#52752921)

    Their safety comes from the fact that it's only sold in China, so they've already got a firewall.

    • Jokes aside, hacks from inside the firewall are the new hotness. I think the Australia Census DoS was inside the firewall. Perimeter defense is a fiction. Especially with the Internet of Never Updated Easily Pwn3d things.

  • coming from the shitty outleft softpedia here? I think I will stop dropping by...
    • by mha ( 1305 )

      Try Hacker News at https://news.ycombinator.com/ [ycombinator.com] for better submissions - and also for much better discussions. I don't want to advertise it too much though, let the "funny" commenters and over-emotional downvoters who can't say anything technical about the subject(s) being discussed remain on all the other websites... :)

  • A little router
    Such wow, closed never was
    So much interest

  • Some PABX stuff is like that - imagine all of the above only with telnet as well.
    Point Of Sale stuff sometimes has hardcoded passwords as well.
  • But if a US company had made it, it would be called "trusted".

  • by c ( 8461 )

    ... does it run DD-WRT (or variants)?

    That's really all I ever want or expect from an off-the-shelf router. I assume that vendor-provided firmware is crap, untrustworthy, or inflexible.

A committee takes root and grows, it flowers, wilts and dies, scattering the seed from which other committees will bloom. -- Parkinson

Working...