WNDR3800 backdoor

The Netgear WNDR3800 firmware is a version of OpenWRT, and that's one of the reasons I've bought this router.
While being open is a good thing, being wide open maybe it's not.

This firmware has a backdoor, enabled by a simple utility (the windows version is available directly from the Netgear support site).
Once executed, it gives root access to the router without any authentication.
Consequences may vary from simple denial of service (you can reboot at will), or something more elaborate: download the /etc/shadow file, run John the Ripper, and get the admin password. Then, logging on with the web interface, you can flash a full version of OpenWRT, install tcpdump and capture all unencrypted traffic.

Problem is that the backdoor can be enabled by any device connected to the router, even via wireless; so be aware that allowing someone to simply use your connection, means giving them full root access.
The backdoor is not accessible from the Guest Network, so if you are going to allow someone to use your wireless, at least give them only the Guest Network.

WiFi toggle on Asus WL-550gE

I don't feel confortable sleeping with my wifi on, so here is a script to turn it off at night:

First I created 2 scripts, one to turn it off:

# vi /root/wifi-off

#!/bin/sh
 
uci set wireless.@wifi-device[0].disabled=1
wifi
echo wifi disabled

And one to turn it back on:

# vi /root/wifi-on

#!/bin/sh
 
uci set wireless.@wifi-device[0].disabled=0
wifi
echo wifi enabled


Then I started up wifi at boot

# vi /etc/rc.local

# Put your custom commands here that should be executed once
# the system init finished. By default this file does nothing.

/root/wifi-on

exit 0


Crontab:

# crontab -e

 0  7 * * * /root/wifi-on
59 23 * * * /root/wifi-off


The cron service is not enabled by default in OpenWRT:

# /etc/init.d/cron enable
# /etc/init.d/cron start

Good night...

OpenWRT on Asus WL-550gE

Recently my home wireless connection has been shaky: from 20% packet drops to lost connection from time to time.
So, after 6 years of flawless work, I've tried to install OpenWRT on my WL-550gE.
Even though the device is listed as supported, I haven't found any detailed procedure about installing the firmware.
Here is mine:

• Download and install on a windows machine, the Asus Firmware Recovery Tool.
• Get the latest OpenWRT image for the asus: note that even if it's a .trx file, upgrading with the router web interface isn't working.
• Set the windows machine IP as 192.168.1.1/24 and connect it to the LAN1 port of the router.
• Select openwrt-brcm-2.4-squashfs.trx in the Asus Firmware Recovery Tool but don't press Upload.
• Launch a ping -t 192.168.1.1
• Power off the router.
• Keep the black RESTORE button on the back of the router, pressed and power on. Keep it pressed until the POWER LED begins flashing.
• When the already running ping shows that the router is responding, press the Upload button in the Asus Firmware Recovery Tool.
• The firmware will be uploaded and the router will reboot: note that after reboot the POWER LED will remain off.
• Follow the firstlogin FAQ page to configure the router.