Skip to content

One Million ASUS Routers Under Control: Exploiting ASUS DDNS to MITM Admin Credentials - TriangeSnake's Blog #10

New issue
New issue
Open
Open
One Million ASUS Routers Under Control: Exploiting ASUS DDNS to MITM Admin Credentials - TriangeSnake's Blog#10
Labels
Gitalkb2b0969fc5cdece9cf9dc4e333f65ace
@TriangleSnake

Description

@TriangleSnake
TriangleSnake
opened on Oct 30, 2024

https://blog.trianglesnake.com/2024/10/31/One-Million-ASUS-Routers-Under-Control-Exploiting-ASUS-DDNS-to-MITM-Admin-Credentials/

ASUS Router APP 如何在外網連回家若有開啟DDNS設定,路由器的domain是a+md5(MAC Address).asuscomm.com,手機透過DDNS查詢IP後,再從8443 port連回去。 漏洞domain name 由MAC Address產生Domain name = a + md5(MAC Address) + .asuscomm.com因此,只要知道 r

Metadata

Metadata

Assignees

No one assigned

    Labels

    Gitalkb2b0969fc5cdece9cf9dc4e333f65ace

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions