Hacking the Free "La Fonera" Wireless Router

wertarbyte writes, "FON is still giving away their wireless routers for free in Germany and Austria until Wednesday — under the premise that the devices will be connected and used as FON access points. The router, called 'La Fonera,' is a variant of OpenWRT, but locked down to prevent modification, including a signed firmware image to prevent the upload of new software. It is, however, possible to get shell access by connecting to a serial port present on the circuit board. And now two students from Germany have discovered vulnerabilities in the CGI scripts used to configure the device, and successfully activated an SSH daemon on the device by exploiting them, giving owners a root shell on their router. They also provide a detailed description of the procedure and 'ready-to-use' perl scripts to open up your router."

Assorted thoughts on the Fonera

[Life700MB]

First at all, it isn't called "La Fonera". "La" in Spanish is just the "The" article, making it the Fonera, a Fonera, or how you want to call it.

It is free too here in Spain, but obtaining it's a really strange scheme that looks a lot like a scam to get private info from people. For example, it was offered for free for the readers of a well known digg-like web and they recommended to use the same user and password to request it as the people had in the web page?! WTF!? And a month later they bought part of the page!!!!

Extremely strange.

And what to say of the Fonera using hidden DNS servers property of the FON makers or scripts allowing free access for them with root privileges to your private network?

--
Superb hosting 200GB Storage, 2_TB_ bandwidth, php, mysql, ssh, $7.95