Creating a Smart Home Router Security
Goals
Identify and assess potential security vulnerabilities in a TP-Link router. Analyze the extracted firmware to understand the inner workings of the device and identify potential weaknesses. Leverage CVE databases to discover known vulnerabilities associated with the specific TP-Link router model.
The project will investigate a TP-Link router and focus on the following identified CVEs (Common Vulnerabilities and Exposures):
- CVE-2018-6692
- CVE-2018-6832
- CVE-2017-14491
- CVE-2019-9483
- CVE-2018-20100
It’s important to note that without further details about the specific TP-Link router model, it is difficult to determine the exact impact of these CVEs. However, these identified CVEs can serve as a starting point for the security analysis.
Phased Approach
Phase 1: Network Security
- The firmware we installed on the router uses the “iptables” Linux firewall.
- Configure iptables to filter traffic and forward it to the relevant destinations.
Phase 2: Web Security
- Second most prevalent in the OWASP Top 10.
- Inserted vulnerable code for the WebUI on the router.
- Teaching hands-on exploitation and mitigation techniques.
Phase 3: Firmware Security
- Exploiting “dnsmasq 2.70”, which is vulnerable to a heap buffer overflow.
- Get root access and complete control over the device.
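
A version triage check for the Phase 3 finding, as an added example (not code from the original project): CVE-2017-14491, listed above, is the dnsmasq heap-based overflow that was fixed upstream in release 2.78, so the check reads a `dnsmasq --version` banner or a syslog startup line and flags older releases. The function names and the sample lines are constructed for illustration.

```python
import re

# CVE-2017-14491 (heap-based overflow in dnsmasq) was fixed upstream in 2.78.
FIXED = (2, 78)

# Matches the `dnsmasq --version` banner and the syslog "started, version X.Y" line.
_VERSION_RE = re.compile(r"(?i)dnsmasq.*?version\s+(\d+)\.(\d+)(\S*)")


def parse_dnsmasq_version(line):
    """Return (major, minor, suffix) from a banner or startup log line, or None."""
    m = _VERSION_RE.search(line)
    if not m:
        return None
    return int(m.group(1)), int(m.group(2)), m.group(3)


def affected_by_cve_2017_14491(line):
    """True if the reported version predates the fix, False if not, None if unparsable.

    This is a version-string check only: a vendor build that backported the
    patch without bumping the version will still be reported as affected.
    """
    parsed = parse_dnsmasq_version(line)
    if parsed is None:
        return None
    major, minor, suffix = parsed
    if (major, minor) != FIXED:
        return (major, minor) < FIXED
    # Assumption: pre-releases of 2.78 (e.g. 2.78rc1, 2.78test2) are treated as
    # affected because the fix may not be in them; packaging suffixes like "-1" are not.
    return bool(re.match(r"(?i)(rc|test)\d*", suffix))


# Constructed sample input: one banner line and two syslog lines.
SAMPLES = [
    "Dnsmasq version 2.70  Copyright (c) 2000-2014 Simon Kelley",
    "Jan  1 00:00:12 router daemon.info dnsmasq[1432]: started, version 2.70 cachesize 150",
    "Jan  1 00:00:09 router daemon.info dnsmasq[988]: started, version 2.80 cachesize 150",
]

if __name__ == "__main__":
    for line in SAMPLES:
        print(affected_by_cve_2017_14491(line), "<-", line)
```

Run it against the banner from the device or against the startup lines in the router's system log; a `None` result means the line did not carry a dnsmasq version and needs manual review.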