orkinos Posted August 23, 2012 Share Posted August 23, 2012 I've just found a hidden menu on my Linksys/Cisco E4200 router and made a search on google to find out if there are any other. So far I found the followings. http://192.168.1.1/Wireless_Advanced.asp http://192.168.1.1/System.asp http://192.168.1.1/Cysaja.asp http://192.168.1.1/SysInfo.htm Now I am trying to find others if exists any. The question is how? I have some skills but I am not a hacker. What I will try is to implement basic code to try all possibilities (kind of brute force). However, I wonder if there is any other easy way to do it? Do you guys have any idea? Quote Link to comment Share on other sites More sharing options...
Mr-Protocol Posted August 23, 2012 Share Posted August 23, 2012 I don't think they are "Hidden Menus". Just the location of the menus you click around and use on the interface. http://www.codemonkeyninja.com/blog/?page_id=23 Quote Link to comment Share on other sites More sharing options...
orkinos Posted August 23, 2012 Author Share Posted August 23, 2012 I don't think they are "Hidden Menus". Just the location of the menus you click around and use on the interface. http://www.codemonke...log/?page_id=23 I am not sure. Basically these pages do not have any link on the main administration menu. Yet, new Linksys routers do not come with telnet console enabled. So, I don't have the Telnet option. Actually, what I am trying to do by finding these hidden pages (pages that do not have links on the admin web console) is to enable telnet console to use all features of this router. Quote Link to comment Share on other sites More sharing options...
orkinos Posted August 23, 2012 Author Share Posted August 23, 2012 The pages on the link http://www.codemonke...log/?page_id=23 is not available for the new linksys routers Quote Link to comment Share on other sites More sharing options...
Mr-Protocol Posted August 23, 2012 Share Posted August 23, 2012 I would just flash it with dd-wrt instead of using the stock "spy-ware" firmware. Not only that, you get "ALL THE THINGS!" lol. http://www.computerworld.com/s/article/9228687/Linksys_firmware_upgrade_for_Wi_Fi_routers_angers_some_users Quote Link to comment Share on other sites More sharing options...
orkinos Posted August 23, 2012 Author Share Posted August 23, 2012 (edited) dd-wrt does not have some features such as CTF. I saw several test on the netwhich result wit lof throughput with dd-wrt when compared to the original ROM. That is the main reason of wht I am not using it. but do I need that much throughput? I am not sure. I still can't decide it. PS: Luckly mine (e4200 v1) does not have cloud thnig. It does not support it Edited August 23, 2012 by orkinos Quote Link to comment Share on other sites More sharing options...
digip Posted August 23, 2012 Share Posted August 23, 2012 Well some of those links above are on my default meny system, but some of them were not like the System.asp one, shows me a uPNP table that is not anywhere else in the menu system that I could find. Cysaja.asp was another one that is not a default menu link, but exists and shows me router stats such as firmware, mac address, packets, etc. So I wonder, how many hidden interfaces are there, and do they pose potential threats from the WAN side. I have remote administration disabled over wireless and from the WAN side, but who knows if you were to call one of these special pages if they would bypass any lockouts. Quote Link to comment Share on other sites More sharing options...
orkinos Posted August 24, 2012 Author Share Posted August 24, 2012 I will never buy a Cisco/Linksys product again. The make me sick. Few weeks ago, I used the Live chat of cisco. They make me sick all the time. The cisco engineer (?) even don't know what is WAN. What he understood when I say WAN was wireless. I spent like an hour to teach him what WAN is. He understood it when I say "Its the yellow port on the back off my router which is labled as Internet" I flash my router with dd-wrt last night as Mr-Protocol said and now I begin to configure it. Cisco is a pain. BTW: I found web interfaces of all Linksys products on the web. CJust check that out if you need. http://ui.linksys.com/files/ Quote Link to comment Share on other sites More sharing options...
digip Posted August 24, 2012 Share Posted August 24, 2012 I will never buy a Cisco/Linksys product again. The make me sick. Few weeks ago, I used the Live chat of cisco. They make me sick all the time. The cisco engineer (?) even don't know what is WAN. What he understood when I say WAN was wireless. I spent like an hour to teach him what WAN is. He understood it when I say "Its the yellow port on the back off my router which is labled as Internet" I flash my router with dd-wrt last night as Mr-Protocol said and now I begin to configure it. Cisco is a pain. BTW: I found web interfaces of all Linksys products on the web. CJust check that out if you need. http://ui.linksys.com/files/ I think what you spoke with was a customer service rep, not a real Cisco engineer. Having taken a Cisco class, I can tell you, Cisco people know there stuff, and you we're more than likely speaking with someone in a third world country reading from a script who has no clue how to setup a network. The real Cisco men and women who are certified engineers, wouldn't be the ones making housecalls. They'ed be working in some corporation configuring their networks and would more than surely know what a WAN is, let alone the WAN port on a router. Customer service people, are in general, not knowledgeable about any of that kind of stuff and if anything, have very little if any skill with setting up a network, so I don't know who specifically you spoken with, but I highly doubt it was anyone certified in networking or cisco products in general. Quote Link to comment Share on other sites More sharing options...
barry99705 Posted August 25, 2012 Share Posted August 25, 2012 I think what you spoke with was a customer service rep, not a real Cisco engineer. Having taken a Cisco class, I can tell you, Cisco people know there stuff, and you we're more than likely speaking with someone in a third world country reading from a script who has no clue how to setup a network. The real Cisco men and women who are certified engineers, wouldn't be the ones making housecalls. They'ed be working in some corporation configuring their networks and would more than surely know what a WAN is, let alone the WAN port on a router. Customer service people, are in general, not knowledgeable about any of that kind of stuff and if anything, have very little if any skill with setting up a network, so I don't know who specifically you spoken with, but I highly doubt it was anyone certified in networking or cisco products in general. I sometimes wonder if those people have ever even seen the devices they're "supporting". Quote Link to comment Share on other sites More sharing options...
orkinos Posted August 26, 2012 Author Share Posted August 26, 2012 I sometimes wonder if those people have ever even seen the devices they're "supporting". and, that affects the customer setisfaction in a negative way. Quote Link to comment Share on other sites More sharing options...
digip Posted August 26, 2012 Share Posted August 26, 2012 and, that affects the customer setisfaction in a negative way. Absolutely, and totally agree. I've had my ISP brick a modem in the past only to have customer service tell me "we don't update modems, you would have to go to the Linksys site and update it yourself" for me to say "its not my router that is messed up, its my MODEM, and customer owned, not rented" for which they say "we can't update your modem. We don't have access to do that." Which, is total BS. Just recently, comcast flashed my latest modem, and actually added dropbear and a bucnch of other shit on it I have no control over, including the new firmware. They are full of shit, because it even states on their website, paraphrasing "...we have the right to update the firmware on your modem and television and any cable cards connected to our network, whether customer owned or rented from Comcast", basically saying Fuck the customer, we'll do whatever the hell we want, and if we brick your TV, Modem, or computers Cable Card, we don't give a flying shit, and not our fault. I've actually considered talking to my lawyer about it and going to the state, to see if its possible to get a class action suit against them from doing this to customer owned devices. I understand, they have to push a config file to the modem, for connection tiers and local markets, but fuck with my firmware? Really? Adding backdoors like Dropbear SSH onto my device that is ONLY accessible from the CMTS side, ie: only Comcast can login to my modem from the ISP side, snoop on my network and if they wanted to MITM my connection via the Modem itself?? Yeah, not fucking happy with their policy or their bullshit disclaimer on their site, but they do it anyway and actually, this is my 3rd cable modem now, fotgot about my old Docsis 1.0 piece of shit RCA Thompson modem that barely worked after they we're done with it.Customer Service departments at companies like that, should have their names changed to Customer Aggravation departments, because thats all they end up doing. Not to mention, since the whole firmware update, I now see more foreign traffic on my routers access logs, that never used to be there, so my feelings are, they possibly opened a can of worms that puts attackers on their inside network, the ability to see customers home routers much easier now. Because of this, I don't use the internet without a VPN service now, because I don't trust my ISP. Not that the endpoint for a VPN service couldn't be any different on snooping, but having them as an exit node leaves me feeling a little better about my travels online, and keeps my ISP from being able to MITM the traffic since its all encrypted between me and the VPN outside my home. Its also, increased my bandwidth, since the VPN is closer to me for some reason than my ISP, and upload speeds have gone from the capped 3-4mb back up to 10mb I used to get when I first bought my modem, and download speeds are actually the same, around 25mb down, so I can watch video and do other stuff on the VPN without any hitch in speed, if anything, faster than before. Quote Link to comment Share on other sites More sharing options...
hexophrenic Posted August 27, 2012 Share Posted August 27, 2012 Tell us how you really feel digip! :) Quote Link to comment Share on other sites More sharing options...
orkinos Posted August 27, 2012 Author Share Posted August 27, 2012 I understand you very well digip. All service providers are same (not only internet but others too). Since 99% of their customers are standard home users they discard high end users. On the other hand, 99% of users are usually consult to high end users before they chose their providers. Right? ISPs are even unable to think this. Quote Link to comment Share on other sites More sharing options...
potato Posted August 28, 2012 Share Posted August 28, 2012 I can't stand these companies like Dell and Cisco that have great business class products but their soho products suck Quote Link to comment Share on other sites More sharing options...
Infiltrator Posted August 28, 2012 Share Posted August 28, 2012 Though I've never been on a situation like yours, I can certainly understand your frustration Digip. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.