Xmlset roodkcableoj28840ybtide
Jump to navigation
Jump to search
- xmlset_roodkcableoj28840ybtide is a known backdoor on some Alpha Networks
- (originally D-Link's R&D + manufacturing division, they spun off in 2003) manufactured products.
- It is enough to change browser’s user agent string to “xmlset_roodkcableoj28840ybtide” (no quotes),
- to access the web interface without any authentication and view/change the device settings.
- If you read this string backwards you will get: edit by 048820 joel backdoor.
- More information is available on /dev/ttyS0 (Reverse Engineering a D-Link Backdoor).
Affected devices
Affected devices would all seem to be using Realtek RTL86xx SoCs.
Confirmed
- D-Link DIR-100 rev A - first noted affected device on Craig's post
- D-Link TM-G5240 (FW ver: v4.0.0b29) - tested by M86
Possibly (via Shodan search for the thttpd build used)
- D-Link DIR-120 rev A1
- D-Link DI-624S rev B1
- D-Link DI-524UP
- D-Link DI-604S
- D-Link DI-604UP
- D-Link DI-604+
- Planex BRL-04R (likely)
- Planex BRL-04UR (likely)
- Planex BRL-04CW
- Planex BRL-04CW-U (likely)
Known Alpha RTL86xx devices in the DB
| Type | CPU1 model | Flash | RAM | Expansion IFs | WI1 model | Default IP | Default user | Default pass | |
|---|---|---|---|---|---|---|---|---|---|
| D-Link DI-524UP | wireless router print server | RTL8650B | 4 MiB4,194,304 B <br />32,768 Kib <br />4,096 KiB <br />32 Mib <br />0.00391 GiB <br /> | 16 MiB16,777,216 B <br />131,072 Kib <br />16,384 KiB <br />128 Mib <br />0.0156 GiB <br /> | USB 1.1 | RTL8185L | |||
| D-Link DI-604UP | router print server | RTL8650B | USB 1.1 | 192.168.0.1 | admin | ||||
| D-Link DI-624S rev B1 | wireless router | RTL8651B | 4 MiB4,194,304 B <br />32,768 Kib <br />4,096 KiB <br />32 Mib <br />0.00391 GiB <br /> | 32 MiB33,554,432 B <br />262,144 Kib <br />32,768 KiB <br />256 Mib <br />0.0313 GiB <br /> | USB 2.0 Mini PCI | AR2414 | |||
| D-Link DIR-100 rev A | router | RTL8650B | 2 MiB2,097,152 B <br />16,384 Kib <br />2,048 KiB <br />16 Mib <br />0.00195 GiB <br /> | 16 MiB16,777,216 B <br />131,072 Kib <br />16,384 KiB <br />128 Mib <br />0.0156 GiB <br /> | USB 1.1 | ||||
| D-Link DIR-120 rev A1 | router | RTL8650B | 4 MiB4,194,304 B <br />32,768 Kib <br />4,096 KiB <br />32 Mib <br />0.00391 GiB <br /> | 16 MiB16,777,216 B <br />131,072 Kib <br />16,384 KiB <br />128 Mib <br />0.0156 GiB <br /> | USB 2.0 | 192.168.0.1 | admin | ||
| D-Link TM-G5240 | wireless router | RTL8650B | 4 MiB4,194,304 B <br />32,768 Kib <br />4,096 KiB <br />32 Mib <br />0.00391 GiB <br /> | 16 MiB16,777,216 B <br />131,072 Kib <br />16,384 KiB <br />128 Mib <br />0.0156 GiB <br /> | Mini PCI | AR2413 | 192.168.0.1 | admin | |
| Planex BRL-04CW-U | router print server | RTL8650B | 2 MiB2,097,152 B <br />16,384 Kib <br />2,048 KiB <br />16 Mib <br />0.00195 GiB <br /> | 16 MiB16,777,216 B <br />131,072 Kib <br />16,384 KiB <br />128 Mib <br />0.0156 GiB <br /> | USB 1.1 | 192.168.1.1 | admin | password | |
| Planex BRL-04R | router | RTL8650B | 2 MiB2,097,152 B <br />16,384 Kib <br />2,048 KiB <br />16 Mib <br />0.00195 GiB <br /> | 16 MiB16,777,216 B <br />131,072 Kib <br />16,384 KiB <br />128 Mib <br />0.0156 GiB <br /> | none specified | 192.168.1.1 | |||
| Planex BRL-04UR | router print server | RTL8650B | 2 MiB2,097,152 B <br />16,384 Kib <br />2,048 KiB <br />16 Mib <br />0.00195 GiB <br /> | 16 MiB16,777,216 B <br />131,072 Kib <br />16,384 KiB <br />128 Mib <br />0.0156 GiB <br /> | USB 1.1 | 192.168.1.1 | admin | 0000 |
