Government Security
Network Security Resources

Jump to content

Photo

Hack NETGEAR ADSL Router


  • Please log in to reply
8 replies to this topic

#1 Ryan M

Ryan M

    First Sergeant

  • Second Lieutenant
  • 1,740 posts

Posted 04 March 2009 - 11:53 PM

To my knowledge, and this may sound pompous, but I may have written the first tutorial on doing this. I've seen lots of websites with this topic and never a way to do so. So here it is, after about 20 minutes of using my brain here is the sloppy (sorry it's 3AM) tutorial I bashed out for ya.

How To Change "BLOCKED BY NETGEAR FIREWALL"

1. Enable Debug Mode On Your Router
	a) http://192.168.0.1/setup.cgi?todo=debug
	b) http://192.168.0.1/block.htm
	c) view source of block.htm, copy it to notepad, edit to your liking.
	d) save modified block.htm as block.htm to your C:\ as c:\block.htm
2. Open up a telnet console
	a) telnet 192.168.0.1
	b) enter your router username
	c) enter your router password
3. Navigate/Change/CHMOD
	a) cd /etc/
	b) CHMOD 0777 block.htm
	c) mv block.htm old_block.htm
4. Upload
	a) open an FTP command line
	b) upload c:\block.htm to your server
	c) make sure it looks nice (NOTE: Angelfire/Geocities/etc... will not work, banners ruin it)
5. SECRET WGET in Router
	a) navigate to /etc/ in your router from telnet
	b) wget http://yourpaidwebhost.com/block.htm
	c) enjoy
6. Visit a blocked website
	a) visit a blocked website.

By Ryan M
For GovernmentSecurity.org

Questions/Comments - post here, I'll check back.
There is no security on this earth. Only opportunity.
-Douglas MacArthur

GSO Compiled Exploit Database
----------------------------------------
[b]Mod at GovernmentSecurity

#2 Kenny

Kenny

    Former Commander In Chief

  • Retired Admin
  • 6,747 posts

Posted 05 March 2009 - 01:43 AM

lol...nice one ryan

i was showing my son a few weeks back a quick method.. when we stumbled upon several unencrypted access points via our back garden...

all we did was type in default ip's via browser ie 192.168.1.1 etc ,etc till we found the login page... then used the default router password for the type of router usually admin:admin to gain access ...unbelievable how many people don't change the default password and have firewall disabled ;)
Kenny aka ComSec

Please read the Forum Rules !!!

______________________

#3 Ryan M

Ryan M

    First Sergeant

  • Second Lieutenant
  • 1,740 posts

Posted 05 March 2009 - 12:44 PM

Well this isn't actually to gain access, this is to change the default firewall page that says

"Blocked By NETGEAR Firewall"

- I didn't like having it on the network I'm administering right now because it reveals the name of the router and I believe the model # as well.

When I was looking to do it on google, everyone said you had to change the firmware and even NETGEAR support on their forum said that it couldn't be done :)

Posted the same tutorial over there, if you search for "Change Blocked Page" my post comes up as a response.

Cheers :)

P.S. you should teach your son what to do if you can get a shell/terminal login into the router. The possibilities are literally endless seeing as they run a linux kernel 99% of the time.
There is no security on this earth. Only opportunity.
-Douglas MacArthur

GSO Compiled Exploit Database
----------------------------------------
[b]Mod at GovernmentSecurity

#4 Ignatius

Ignatius

    Private First Class

  • Members
  • 84 posts

Posted 06 March 2009 - 09:30 AM

Hey Ryan, that's pretty damned smart ... I've looked for something similar but have always drawn a blank! Pity that I don't have an external server to which I can upload a modified block.htm. I suppose I could host it locally but that would mean having IIS running on an XP Pro PC. Maybe I'll have a play around this weekend.

#5 Ryan M

Ryan M

    First Sergeant

  • Second Lieutenant
  • 1,740 posts

Posted 09 March 2009 - 12:25 PM

Ignatius, send me your block.htm page in an e-mail and I'll host it for you for 24hrs so you can download it. You may have to chmod some other files I found and rename all traces of block.htm to block.old and copy your block.htm everywhere you find it. It's not much harder then I posted. Just do some "list -al" on your box once you get in to make sure you find all copies :)

Cheers bud.
There is no security on this earth. Only opportunity.
-Douglas MacArthur

GSO Compiled Exploit Database
----------------------------------------
[b]Mod at GovernmentSecurity

#6 Tsukeru

Tsukeru

    Private

  • Members
  • 1 posts

Posted 10 March 2009 - 04:08 AM

Hello Ryan,

Just wondering if there's and easier way to do this. I would love to change the page but as i'm not the best with computers, i don't get the instructions you posted :P .

Sorry to be a bother.

Thanks in advance, Tsukeru

#7 JakeT91

JakeT91

    Private

  • Members
  • 1 posts

Posted 04 April 2009 - 03:28 PM

Hey

I have a Netgear DG834GT Router and when I try this I get nowhere asking for username and password then when attemp to do the CHMOD 0777 block.htm bit it says "CHMOD: Not Found" any ideas on what I'm doing wrong.

Thanks in advance

JakeT

Attached Files



#8 gers1978

gers1978

    Private

  • Members
  • 1 posts

Posted 04 January 2011 - 08:07 AM

JakeT91: try using lower case (i.e. chmod instead of CHMOD)

Ryan M:


Hi mate

I followed your great tutorial to change the Netgear block page using telnet and block.htm, and it worked great, bar 1 thing: when you reboot the router, the old block.htm page comes back, and oldblock.htm gets deleted. I tried chmod to set the new block.htm to 000 (also tried 555), to no avail, it resets every time I reboot the DGN2000.

Thanks


#9 RyWells

RyWells

    Private

  • Members
  • 1 posts

Posted 10 July 2012 - 06:23 AM

Hi, can you guide me through this? I got to step two and was stumped.

I am having major trouble with this telnet. How do you use it?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users