Category archives: DD-WRT

Linksys WRT54GL Cross Site Request Forgery (CSRF) Vulnerability

26Jan08

The quite common Linksys WRT54GL v4.x has a serious vulnerability that can be exploited by hackers remotely (i.e., from across the Internet). The vulnerability is Cross Site Request Forgery (CSRF). This is possibly the second most common web vulnerability (second only to Cross Site Scripting aka XSS). Despite its prevalence, CSRF is not well known or understood by many people. I thought about writing a short explanation of CSRF but I don’t have my head around it well enough to feel comfortable explaining it to you. So, I’ve done the next best thing–I’ve located an excellent article by CSO magazine titled “Threat Watch: Cross Site Request Forgery (CSRF) Why a little-known web application vulnerability could cause big problems.”

As far as I know, this vulnerability is unpatched by Linksys which means there is update to fix this problem if you want to keep running the standard Linksys firmware. However, you can fix this vulnerability and gain additional features by upgrading to an open source firmware such as DD-WRT or Tomato. I happen to own a Linksys WRT54GL version 1.1 and have flashed it with the DD-WRT firmware. Because flashing a router’s firmware is not for the faint of heart, I have composed very detailed how-to instructions for those who are interested.

Another mitigation method I almost forgot to mention is to actually quite simple. Do not visit other websites while logged in to administer the Linksys WRT54GL. [via Secunia]

Filed under DD-WRT, Tech Advice, WRT54GL| | 3 Comments

Tomato Firmware Option for WRT54GL

19Jan08

Lifehacker has an interesting post on the Tomato custom router firmware. When a friend emailed me about the Lifehacker post, I first dismissed the article because when I was deciding on which firmware to flash my Linksys WRT54GL
with, I looked at Tomato but didn’t think it was as powerful as DD-WRT or OpenWRT. My interest in Tomato firmware was rekindled after reading Lifehacker’s article. The author acknowledged DD-WRT had a more robust feature set and polished admin interface. However, he said Tomato had a nicer layout, better Quality of Service (QOS) support, and better looking graphical charts than DD-WRT did. For what it is worth, the average user probably wouldn’t use the more powerful DD-WRT features anyway.

I wish I had the time/patience to re-flash my Linksys WRT54GL with Tomato just to try it out. Its very unlikely that I will because I don’t want to risk bricking my perfectly functioning DD-WRT enabled router. I also really like dd-wrt. Too bad flashing a router is a lot more complex than just installing software.

I decided to switch from DD-WRT to Tomato because it has all of the features I need. Additionally, DD-WRT has had some issues with several security vulnerabilities. While most vulnerabilities have likely been patched, finding a stable and patched new version proved complicated. Because most other sites I’ve found only describe how to flash to Tomato from the default Linksys firmware, I decided to write a tutorialabout how to switch from DD-WRT to Tomato.

Also, the Lifehacker article doesn’t mention OpenWRT (a couple of commenters do) but OpenWRT seems to be the hard-core geek’s choice. I’ve considered trying it out, but do not need all of the features. OpenWRT management system appears to be a Linux shell (i.e., command line). However, x-wrt is a method to attach a web front-end (i.e., gui).

If anyone wants to send me a Linksys WRT54GL so I can experiment with it and write more tutorials on firmware flashing, let me know and I can add it to my Amazon Wish List so you can send it to me easily.

Filed under DD-WRT, WRT54GL| | 13 Comments