Netgear R6300 and WN2500RP - connect refused

Question

Netgear R6300 and WN2500RP - connect refused

hossman opened this issue 11 years ago · 4 comments

hossman commented 11 years ago

"probably not vulnerable (error: [Errno 111] Connection refused)" for both of the following devices...

Hardware Version R6300
Firmware Version V1.0.2.68_1.0.49

Hardware Version WN2500RP
Firmware Version V1.0.0.30_1.0.58

Answer 1 · 2014-01-03T00:57:42.000Z

thank you, updated :)

Answer 2 · 2014-05-14T23:41:19.000Z

False. Netgear R6300 has a backdoor that provides access to a root busybox shell through telnet.
You actually have to log in, but the username and password are not changeable through the GUI, and once you open the backdoor it stays open until you reboot it. Once you're in you can change the password though and close the door (if I remember correctly it was the "nvram" command, or something similar).

More details here: http://wiki.openwrt.org/toh/netgear/telnet.console#python-alternative.to.the.windows.version

See pull request #102.

Answer 3 · 2014-05-16T14:43:33.000Z

This repo is dedicated to the TCP/32764 backdoor and this router is not vulnerable to this backdoor.
I'm aware of the telnetenable vulnerability / backdoor but it's not the same :)

Answer 4 · 2014-05-17T21:00:11.000Z

Oh ok sorry, my bad!