The Scary TCP32764 backdoor

I won’t say too much about this backdoor, it basically happens on your router/gateway which accepts a TCP connection on port 32764¬†Eloi Vanderbeken¬†@elvanderb¬†found this vulnerability last year in December and even though Netgear and Dlink have stated it’s *patched* they actually just disabled it.

I’ve made a small .NET tool which checks to see if you actually are vulnerable to this backdoor the source code can be found on github for those paranoid people -_-

 

Download:

http://cra0kalo.com/public/TCP32764_Tool.zip

http://github.com/cra0kalo/TCP32764

Further reading and resources:

http://github.com/elvanderb/TCP-32764

http://www.dropbox.com/s/e26s0udwf58idbh/TCP32764_backdoor_again.pdf

 

This entry was posted in Main and tagged , , , , , . Bookmark the permalink.