Whenever possible you should choose a router that has Qo S (Quality of Service) if you plan to share the same internet connection with non-Vo IP services (such as desktop computers) but please note shared connections are not supported for Quality Issues and we do not recommend using Broadband ADSL based services for more than 2 handsets on a shared connection.
You should ensure that all devices are running the latest stable firmware from the vendor.
PORT STATE SERVICE VERSION23/tcp open telnet D-Link 524, DIR-300, or WBR-1310 WAP telnetd MAC Address: :5A:38:7D:77 (D-Link)Service Info: Device: WAPNmap scan report for 192.168.178.222Host is up (0.0031s latency).
PORT STATE SERVICE VERSION23/tcp open telnet D-Link 524, DIR-300, or WBR-1310 WAP telnetd MAC Address: : DB:6D: FE (D-Link)Service Info: Device: WAP The credentials are well known and documented on lots of different places around the internet. If you are interested on the configuration of this backdoor take a look at the following configuration of a DIR-300 device: /dev/console if [ -f "/usr/sbin/login" ]; then lf=`rgdb -i -g /runtime/layout/lanif` telnetd -l "/usr/sbin/login" -u Alphanetworks:$image_sign -i $lf & else telnetd & [email protected]:~/firmware/DIR300-extracted# cat rootfs/etc/config/image_signwrgg19_c_dlwbr_dir300 This is quite amazing but it would be a lot better if you could configure the box via the web management.
So, there are two ways to get the password of your management interface.
First of all you could just extract it from var/etc/httpasswd.
Use DDWRT firmware instead in this case if hardware revision allows for this.
Disable the SIP ALG setting on the router available in firmware releases 2.2.4 and higher.
It is too bad if your device has a backdoor directly from the vendor.
In some devices of the vendor D-Link you are able to find a nice telnet server listening on the internal network interface.
To test your D-Link devices for such a nice backdoor use for example Nmap to detect the telnet servers and the use the password list which is included into the Metasploit Framework within data/wordlists/dlink_telnet_backdoor_
[email protected]:~/msf-git/metasploit-framework# cat data/wordlists/dlink_telnet_backdoor_Alphanetworks wrgg19_c_dlwbr_dir300Alphanetworks wrgn49_dlob_dir600b Alphanetworks wrgn23_dlwbr_dir600b Alphanetworks wrgn22_dlwbr_dir615Alphanetworks wrgnd08_dlob_dir815Alphanetworks wrgg15_di524Alphanetworks wrgn39_dlob.hans_dir645 25c3 26c3 Advisory Automatisierung Backtrack Backtrack day 2010 Berlin CCC Discovery Exploit Exploiting Exploiting Frameworks Exploits Hacking hakin9 Home Network Devices Information gathering Metasploit Offensive Security Pentesting Security Training Vulnerability Web The views expressed on this site are my own and do not reflect those of my current employer or its clients.
We also recommend that you disable SIP Transformations (uncheck the box).