

When I moved into my flat, I found that the previous tenant had left behind his Sky Broadband router. Awesome – a new toy to break! Sadly I got bogged down with silly things like moving house and going to work, so I didn’t get a chance to play with it.

This isn’t the first embedded device I’ve played with. Over the years I’ve desoldered EEPROMs from routers, done unspeakable things to photocopiers, and even overvolted an industrial UPS unit via SNMP. The router I shall be discussing in this post, however, was one of the easier and more generic bits of kit I’ve played with.

The model is DG934, and the full part number is 272-10452-01. It’s an ADSL router supplied by Sky (also known as BSkyB) as part of their old broadband package, but it’s actually manufactured by Netgear. It’s got four ethernet ports, an ADSL (phone) port, and takes a 12V power supply. Internally, it runs on the Atheros chipset. Unfortunately, this being a UK-only device, there’s no FCC ID – if there had been, I could’ve looked it up on the FCC OET database and found all sorts of internal photos and test data, which is often valuable when looking at the hardware aspects.

My first job was to power it on and get into the config panel. Since the previous tenant clearly wasn’t security conscious, he’d kindly left the device in its default configuration and I was able to log into the configuration interface using the default admin / sky credentials.

I exported the config file to my machine, and took a look. In this case it’s plaintext, so there’s nothing to break here, but it’s not exactly good practice – it includes the passwords for WiFi and the configuration interface.

I ran nmap against the device and got the following results:

PORT STATE SERVICE VERSION
80/tcp open http BSkyB DG934G http config
5000/tcp open sip BSkyB/1.0 UPnP/1.0 miniupnpd/1.0 (Status: 501 Not Implemented)
8080/tcp open http BSkyB DG934G http config

Interestingly, the configuration site was available on both. This seems to be the norm for many routers, but I have no idea why. UPnP on port 5000 is always a fun one to spot, and we’ll take a look at this shortly. Finally, there’s an unknown protocol running on port 32764.

For messing with UPnP, I have the UPnP Developer Tools for Windows. They’re mainly written in C# and are open source, so you can always port to Mono if you want. I used Device Spy to get the following info: You can pull out stats such as total bytes sent/received, total packets sent/received, and uptime in seconds. SetEnabledForInternet isn’t present – shame, really, since it leads to a nice DoS condition. Sadly there’s not much you can play with here.

Next, we’ll take a look at that weird unknown protocol on port 32764. When connecting to it, the string “MMcS” is returned, along with two binary IP representations: 255.255.255.0 and 0.0.0.0. I tried playing around with this, but honestly I have no idea what it’s for. Google returned a bunch of people asking what it was, and nobody with any real answers. Potentially it’s for Multimedia Class Schedule Server, but that’s speculation at best. Again, no luck at fun stuff here.

Finally, let’s dig into the firmware. Instead of taking the device apart, desoldering the firmware EEPROM, and interfacing to it with a BusPirate to rip the data off, I decided to go the easy route and download the openly available firmware from Netgear.
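An added example, not from the original post: an offline decoder for the port 32764 response described above, useful for spotting the same service in captures from devices you administer. The 12-byte layout (a 4-byte tag followed by two 4-byte fields, read as dotted quads the way the post reads them), the function names and the sample captures are assumptions constructed for illustration.

```python
import ipaddress
from typing import NamedTuple, Optional

TAG = b"MMcS"     # string the post reports receiving on connect
HEADER_LEN = 12   # assumption: 4-byte tag followed by two 4-byte fields


class Banner(NamedTuple):
    tag: str
    first: str    # first 4-byte field rendered as a dotted quad
    second: str   # second 4-byte field rendered as a dotted quad
    extra: bytes  # anything that followed the 12-byte header


def parse_banner(data: bytes) -> Optional[Banner]:
    """Decode the response, or return None if the bytes do not match it."""
    if len(data) < HEADER_LEN or not data.startswith(TAG):
        return None  # wrong service, or a truncated read we cannot decode
    first, second = data[4:8], data[8:HEADER_LEN]
    return Banner(TAG.decode("ascii"),
                  str(ipaddress.IPv4Address(first)),
                  str(ipaddress.IPv4Address(second)),
                  data[HEADER_LEN:])


def hosts_with_service(captures: dict) -> list:
    """Given {host: first bytes read from port 32764}, list matching hosts."""
    return sorted(h for h, raw in captures.items() if parse_banner(raw))


# Constructed sample captures (documentation addresses, not real devices).
SAMPLE = {
    "192.0.2.1": b"MMcS" + bytes([255, 255, 255, 0]) + bytes(4),
    "192.0.2.7": b"SSH-2.0-example\r\n",  # a different service on that port
    "192.0.2.9": b"MMcS\xff\xff",         # truncated read, too short to decode
}

if __name__ == "__main__":
    for host in hosts_with_service(SAMPLE):
        print(host, parse_banner(SAMPLE[host]))
```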
