Linksys WRT54G / WRT54GS "Magical transformation into a useful piece of equipment or a brick"

Presented at ShmooCon I (2005), Feb. 5, 2005, 10 a.m. (60 minutes)

The Linksys WRT54G and WRT54GS series of access points can be purchased at many major retail computer and electronics stores. Many purchasers never realize the true functionality of these access points, and let's face it, many will not even change the defaults. Using custom firmware and software packages these items can be transformed into more functional pieces of equipment that can be used in a wide variety of situations with little or no extra cost. The first part of the presentation compares some of these custom firmware distributions and how to expand their functionality by: * VPNs * 802.1x authentication * SSH tunnels * Hotspots * IPTables firewalls * IPv6 * Logging * Custom Antennas * IDS functionality * Community networking * and more.... In addition, there is also a useful and entertaining section on what to do when firmware fails. The configuration of the devices involved is discussed and examples shown. The goal is to make it as easy as possible to extend additional functionality in these devices. Many access points capable of this functionality are significantly more costly and usually out of reach of the normal consumer. Using custom firmware such as OpenWRT or Sveasoft can put this functionality into the hands of the normal consumer. The second part of the presentation deals with using the WRT as an attack vector. This involves the WRT attacking either its own network or the network of another. These are purposes for which the WRT was not originally intended.

Presenters:

• QuiGon   as Quigon
  QuiGon resides in Jacksonville, FL and is currently providing system administration services to The Robin Shepherd Group, an advertising and marketing firm. He has 10 years of experience in electronics, system administration, networking and system security. Gene is best known for his work on the North American IPv6 Task Force, The North American IPv6 Forum, and his work on Fu King Linux (an IPv6 enabled distribution of Linux), which includes security tools that can be run in IPv4 or IPv6 environments. He has also spoken on IPv6 and other topics at several venues including Def Con, PhreakNIC, and Interz0ne. When not totally absorbed by system security related issues, Gene can be found wardriving, actively participating as Vice President of the JaxLUG, and building a successful and dynamic 2600 chapter, of which he is currently president.
• Sysmin
  Sysmin resides in Jacksonville, FL where he provides systems administration services for a government contractor. He has many years of experience in networking, systems administration, and information security. Most of his experience was gained in a military and government contracting role. Sysmin is currently finishing up his Master's degree in Information Technology and Information Security studies. He enjoys public speaking and has had the pleasure of speaking at many venues including Def Con, PhreakNIC, and Interz0ne. Sysmin is also a member of the development team for Fu-King Linux, an IPv6 enabled Linux security distro. He is an active member in the JaxLUG and is currently Vice President of the Jacksonville 2600. When he has some free time you can find him producing music, putting his RIAA toilet paper to good use, wardriving, and even dabbling in the world of parapsychology.

Links:

• https://web.archive.org/web/20060116151828/http://www.shmoocon.org/2005/program.html#sysmin

Similar Presentations:

• 30C3 (2013) / An introduction to Firmware Analysis: Techniques - Tools - Tricks
• BSidesLV 2015 / Crash The IoT Train Yourself: Intentionally Vulnerable WRT (IV-WRT)
• Black Hat USA 2015 / Using Static Binary Analysis to Find Vulnerabilities and Backdoors in Firmware