DD-WRT router, broken?

[Kaisha]

/////////// Problem solved, typical case of ISP doesn't know wtf they're doing. /////////////

Not sure what's been up, but around noon today my router decide to shit on itself.

Tried to see what was the issue, and it didn't want to connect to my cable modem to my net. Used my backup router, connected fine and everything.

Figured the config file may have corrupted itself so I resetted back to factory settings, but after doing that, I can't change anything on the router itself, can't even restore my backup. (whenever it goes to 'apply' a setting, my browser just prompts me with a page error)

At this point I was considering reflashing it (if I can even do that as it stands), but apparently the DD-WRT site is down also, so I can't download the firmware, convenient. ;/

Anyone got any experience with this at all?

[EDIT] Of course the site comes back up after I post this, going to try reflashing it....

[Mizango]

Good deal, let us know how the reflash goes.

[Kaisha]

Manage to let it save stuff again by manually telling it to delete nvram via telnet (felt kinda old-school doing that >.>), currently in the process of trying to remember which bloody version of dd-wrt I needed for my particular router. It's still unable to connect unfortunately.

Ffs, this isn't my day, damn dd-wrt site being crap again.

Makes me wonder if I got hit by that vulnerability that was announced last week.

Testing (trying out said exploit to simply reboot router) :

Spoiler: show

http://192.168.1.1/cgi-bin/;reboot

[EDIT] Things seem good now, ISP had to phone back a couple hours later to announce to me everything apparently wasn't a-OK on their end. Just weird that it affected my DD-WRT router and not the backup factory-firmware router.

At any rate, least this problem brought my saving-issue to my attention and got fixed, as well as protecting it from that one exploit.

[Kryssan]

Glad you got the problem resolved, but I still can't see whatever is in what you spoilered. Routers tend to be rather finicky though... wouldn't be the first time I've had massive troubles with one for seemingly no reason at all and when you come back to it a few hours (days) later it works just fine. Major headaches.

[Kaisha]

If you're on a DD-WRT router with your IP set to 192.168.1.1 (default), opening the spoiler should make your router reboot (or potentially reboot the second the page loads, I'm unsure if spoilers load with the page, or load as its clicked open). Was just testing to see if the vulnerability fix (detailed/described here) was working, which it was when I entered it manually into a separate tab.

I'm actually surprised at how long it took for that to discover, that's a major exploit that could easily be abused by malicious users.

[Blabj]

Yup the exploit works, but it requires you to be using default addresses etc. I could reboot my router using the exploit, changed to reflect the specific settings I've set to the router (such as different default IP and port for the HTTP GUI)

Such a ghetto exploit, lol. I'm guessing given that you basically have command line access to the router that you could in theory uninstall DD-WRT from a web address, or even execute an externally downloaded script? Router botnets ahoy?

[Kaisha]

All it would take is a simple iframe injection (to the lovely users of IE) filled with 100s of instances of typical local IP addresses to start wrecking some havoc.

Exploit can give the user root access, so I'm under the assumption they could do whatever the fuck they wanted with the router, modify settings, lock users out, firmware it to make it a bot as you mentioned, or use it as an easier means to scout out local networks remotely for unprotected PCs to infect. Only drawback (I'm assuming) is that your average user doesn't have DD-WRT, so those that do should actually know how to protect their friggen PC.

[Cephius]

I thought you needed remote access enabled on the router for that DD-WRT exploit to work, and almost no one leaves their router configuration open to outside access...

[Blabj]

Newp, I don't have remote access on for that very reason, and it was still vulnerable till I applied the fixes.

[fishstix]

Has DD-WRT update in a while? The last time I flashed was maybe 2 years ago. I know if it's not broken, dont try to fix it... but new stuff rawr!