Backdoor for D-Link Router Firmware 6.07.
Over the last few weeks, my team and I have been doing extensive penetration tests on routers. We have been successful in many ways and have found a serious Backdoor for the D-Link Router Firmware 6.07.
At the time of writing this, this exploit can still be leveraged. We have contacted D-Link and we currently awaiting feedback on the patch. While we wait, read the in-depth breakdown below.
Product Page: DAP-1360
Hardware Version: F1
Firmware Version: 6.07
Test incorrect password for admin username.
Change admin to user and set password to user.
Notice how the cookie is updated.
Full access to the console.
Pre-Shared WiFi key shared in plain text.
Download and view system configuration file.
Save config.xml locally and find sensitive information.
Username and password in cleartext for serial connection.
WiFi SSID and cleartext password.
Username and hashed password for users.
Tested and does not affect DAP-1360, DSL-2750U, DAP-1533, DAP-1665, DAP-1650 with Firmware 1.00JP, 1.13, 1.16.
Keep an eye on our blog in the upcoming weeks as we will release all our findings here first.