D-Link router back-door

As you may have already heard, the following D-Link routers have a back-door built in:

DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604+ and TM-G5240

and there are even some more from other vendors. D-Link can now line up with HP (see my post here) and many others.

There is still no excuse and reason for Vendors for building in back-doors in their products. However, keep in mind that the recent findings of back-doors only revealed very silly and odd implementations. There may be much more, not so easy to find back-doors that may allow NSA (or even worse) to access your equipment.

I said “silly” as this back-door again contains the name of the originator. The way how this back-door is working is just by using the following string as HTTP Agent “xmlset_roodkcableoj28840ybtide” and if you read this the other way round, you will know the name. Silly isn’t it. This will probably speak for itself about the code quality of this guy.

However, as I still had one of those D-Link routers in my basement, I created another Demo-Video that demonstrates how to test your own router for this back-door using my NetworkToolbox app.

Quite easy to do. So I would recommend to apply this test on your router, if you own a D-Link one.

Stay tuned,

regards,

Marcus