The Center for Education and Research in Information Assurance and Security (CERIAS)

The Center for Education and Research in
Information Assurance and Security (CERIAS)
Center for Education and Research in Information Assurance and Security

CROSS-SITE REQUEST FORGERY ATTACKS AGAINST LINKSYS WIRELESS ROUTERS

Download

Download PDF Document
PDF

Author

Ryan Poyar

Tech report number

CERIAS TR 2010-15

Entry type

mastersthesis

Abstract

Wireless routers are common in the typical home and are becoming more so every year. While wireless networks can be convenient and provide many benefits they also have the potential to be insecure and vulnerable. Statistics show that a large percentage of wireless routers use weak or no encryption and many wireless routers still use their default password. This research analyzed the security of wireless routers, specifically the security of a standard Linksys wireless router. The research focused on CSRF attacks and the possibility for an attacker to modify a wireless router through such attacks. The results of the research were significant. Proof of concept code is provided that demonstrates a variety of different types of attacks that enable an attacker to modify a wireless router in order to gain complete and persistent control of the device.

Download

PDF

Date

2010 – 5 – 1

Key alpha

Web Application Security, Cross-Site Request Forgery (CSRF)

Publication Date

2010-05-01

BibTex-formatted data

To refer to this entry, you may select and copy the text below and paste it into your BibTex document. Note that the text may not contain all macros that BibTex supports.