What's new
By:

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

DHCP-data shared unauthenticated in login-view

R

Robert S.

New Around Here
Hello!

For the record i'm currently running Asuswrt-Merlin 380.57_0 on a Asus RT-N66U.
I noticed something strange when inspecting the source of the login screen.
The DHCP leaseinfo was showing as an array in javascript. I wouldnt say that this is critical, but as a user of this firmware i would like to not share my LAN-devices unless authenticated. Se the url for printscreen.

https://imgur.com/JbDDSoU

I don't know why this is showing public, but i assume that this code is used when authenticated but its still showed even if not logged in. Is this supposed to be like this?

Anyways, thumbs up for an awesome firmware. I really like it a lot :)

Best regards, Robert.
 
Interesting, and perhaps a big deal if the guest network is enabled - actually a really big deal if the guest network is enabled, as it shows topology of the attached clients...

I don't think this is RMerlin's code, this is likely part of Asus...
 
sfx2000 said:
Interesting, and perhaps a big deal if the guest network is enabled - actually a really big deal if the guest network is enabled, as it shows topology of the attached clients...

I don't think this is RMerlin's code, this is likely part of Asus...
Click to expand...

I hope you are right.
Anyone that is running native Asus firmware, or has the time to check this?
Or could we get a response from the author himself? :)
 
I am not sure if this poor guy is running native or Asuswrt, but the DHCP-info is showing here.
77.37.228.208:8080/Main_Login.asp

I found this via Shodan.io btw.
(If you havent checked it out you should. A giant database of portscan of almost all IPv4 adresses that can be used for analysis, fun and games)
 
Interesting...

Screen Shot 2016-01-17 at 4.42.16 PM.png
 
I've checked some more, it looks like this is in Asus-firmware.
But shouldnt this be fixed in Asuswrt? :)
Can we get a comment on this from the author?
 
All I get is:
Code: 
GET /Main_Login.asp HTTP/1.1

HTTP/1.0 401 Unauthorized
Server: httpd
Date: Tue, 19 Jan 2016 12:26:06 GMT
WWW-Authenticate: Basic realm="RT-N66U"
Content-Type: text/html
Connection: close

<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD>
<BODY BGCOLOR="#cc9999"><H4>401 Unauthorized</H4>
Authorization required.
</BODY></HTML>

Am I doing it wrong?
I am running john's fork.
 
Nullity said:
All I get is:
Code: 
GET /Main_Login.asp HTTP/1.1
 
HTTP/1.0 401 Unauthorized
Server: httpd
Date: Tue, 19 Jan 2016 12:26:06 GMT
WWW-Authenticate: Basic realm="RT-N66U"
Content-Type: text/html
Connection: close
 
<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD>
<BODY BGCOLOR="#cc9999"><H4>401 Unauthorized</H4>
Authorization required.
</BODY></HTML>

Am I doing it wrong?
I am running john's fork.
Click to expand...
I never switched from the http based logon used in the fork to the token based logon used in the later firmware levels.

BTW...if you follow the code, they use this to determine if the logon is being made from the local lan by checking the logon ip against the valid lease ip's. It's Asus code, so any questions should be raised through the Asus support channels.
 
john9527 said:
I never switched from the http based logon used in the fork to the token based logon used in the later firmware levels.

BTW...if you follow the code, they use this to determine if the logon is being made from the local lan by checking the logon ip against the valid lease ip's. It's Asus code, so any questions should be raised through the Asus support channels.
Click to expand...

Thanks for the answer!
I understand. I think ill just switch to logging in to my router via VPN rather than having WAN access activated.
Sorry for directing this bug in your direction, you are clearly not responsible for this.
 
john9527 said:
I never switched from the http based logon used in the fork to the token based logon used in the later firmware levels.

BTW...if you follow the code, they use this to determine if the logon is being made from the local lan by checking the logon ip against the valid lease ip's. It's Asus code, so any questions should be raised through the Asus support channels.
Click to expand...
Are you planning to correct this in your fork by the way?
 
john9527 said:
Correct what?:confused: My fork doesn't use this logon code, and I don't plan on moving from the http based logon.
Click to expand...

Hmm sorry, i think i have misunderstood.

As said earlier i'm running Asuswrt 380.57 on my RT-N66U.
Screenshot of the dashboard: http://imgur.com/gtaiFAr

My loginscreen looks like this: http://imgur.com/HGiz5Fu

In the HTML-source of this loginscreen the whole DHCP lease-list is shown.
Screenshot: http://imgur.com/HIaljgM

I hope that i have installed the firmware correctly. Heres how i did it:

- I've downloaded the firmware from the Mediafire-source: https://www.mediafire.com/folder/bkfq2a6aebq68/Asuswrt-Merlin
- Extracted the TRX-file
- Installed it in the form displayed like this: http://imgur.com/H05YtFI

Is this the correct way?

I understand that this is Asus that has written bad code, but shouldnt this be something to fix in Asuswrt? :)
Isnt it possible to do this check backend rather than frontend in the javascript?
 
Robert S. said:
Hmm sorry, i think i have misunderstood.

As said earlier i'm running Asuswrt 380.57 on my RT-N66U.
Screenshot of the dashboard: http://imgur.com/gtaiFAr

My loginscreen looks like this: http://imgur.com/HGiz5Fu

In the HTML-source of this loginscreen the whole DHCP lease-list is shown.
Screenshot: http://imgur.com/HIaljgM

I hope that i have installed the firmware correctly. Heres how i did it:

- I've downloaded the firmware from the Mediafire-source: https://www.mediafire.com/folder/bkfq2a6aebq68/Asuswrt-Merlin
- Extracted the TRX-file
- Installed it in the form displayed like this: http://imgur.com/H05YtFI

Is this the correct way?

I understand that this is Asus that has written bad code, but shouldnt this be something to fix in Asuswrt? :)
Isnt it possible to do this check backend rather than frontend in the javascript?
Click to expand...


I think you may want to address this question to @RMerlin, not john9527. John offers a different fork of the Asus firmware, different than the one you're using (RMerlin is the author of your current firmware). ;)
 
You must log in or register to reply here.
Similar threads
Thread starter Title Forum Replies Date
CarlyElise Inbound dhcp discovery requests on port 68 Asuswrt-Merlin 6
Le_Sage Bug in DHCP dns Asuswrt-Merlin 1
L 3004 to 3006 wiped all DHCP reservations (YazDHCP) - settings restore did not fix Asuswrt-Merlin 7
J Saving the multiple DHCP Static Lists and Custom Client Lists from 3006 Routers with Guest Network Pro? Asuswrt-Merlin 24
I Clients are bypassing the DNS set by the DHCP server set by Merlin Asuswrt-Merlin 11
D Adding a Ubiquiti Cloud Gateway Max for routing and DHCP Asuswrt-Merlin 3
W asus rt-ax88u ipv6 through wireguard client dhcp problem Asuswrt-Merlin 1
A The seemingly dreaded "Your ISP's DHCP does not function" Asuswrt-Merlin 7
Toad004 DHCP Reservations for IPv6 possible? Asuswrt-Merlin 4
H DHCP server change Pool Starting Address Asuswrt-Merlin 4

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 730 (members: 24, guests: 706)
Back
Top