On Thursday, 2004-06-03 at 19:35:22 +0200, Tom Knienieder wrote: > Possibly vulnerable (not verified) > WG602 with other Firmware Versions > WG602v2 The WG602v2 uses different firmware. > Download the WG602 Version 1.5.67 firmware from Netgear > ( http://kbserver.netgear.com/support_details.asp?dnldID=366 ) WG602v2 Firmware Version 2.0RC5: http://kbserver.netgear.com/support_details.asp?dnldID=504 WG602v2 Repeater Firmware Version 3.2 RC6 http://kbserver.netgear.com/support_details.asp?dnldID=692 > and run the following shell commands on a UNIX box: > $ dd if=wg602_1.5.67_firmware.img bs=1 skip=425716 > rd.img.gz > $ zcat rd.img.gz | strings | grep -A5 -B5 5777364 2.0RC5 dd if=apfirmware_2.0rc5.img bs=1 skip=111596 of=rd.img.bz2 3.2 RC6 unzip wg602_v2_apfirmware_3.2rc6.zip dd if=apfirmware_3.2rc6.img bs=1 skip=112620 of=rd.img.bz2 In both cases this: bzcat rd.img.bz2 | strings | egrep 'Authorization|BASIC|super|5777364' Returns some garbage, but nothing similar to your output. Also logging in with super/5777364 does not work with my unit (unknown firmware release - I forgot the password and have to reset the unit. But it's getting a little late here.) HTH, Lupe Christoph -- | lupe@xxxxxxxxxxxxxxxxx | http://www.lupe-christoph.de/ | | "... putting a mail server on the Internet without filtering is like | | covering yourself with barbecue sauce and breaking into the Charity | | Home for Badgers with Rabies. Michael Lucas |
