Skip to content
/ DVRF Public
forked from praetorian-inc/DVRF

The Damn Vulnerable Router Firmware Project

30 stars 136 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

b1ack0wl/DVRF

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

30 Commits
Firmware
Firmware
 
 
Source_Code
Source_Code
 
 
gdb
gdb
 
 
README.md
README.md
 
 

Repository files navigation

Damn Vulnerable Router Firmware (DVRF) v0.5

Thanks for checking out my project. The goal of this project is to simulate a real world environment to help people learn about other CPU architectures outside of the x86_64 space. This project is also for those who are curious about embedded research, but don't want to invest a lot of money.

This firmware was developed by modifying the GPL source code for the Linksys E1550. If you do not have an E1550 don't worry! There's always QEMU and I encourage end users to experiment with both environments.

Installation

To Install this binary onto your E1550 simply go to the Firmware Upgrade page http://192.168.1.1/Upgrade.asp and point the upgrade path to DVRF_v05.bin and click "Upgrade"

Removal || Revert

To revert back to stock simply navigate to the main page of DVRF http://192.168.1.1/index.asp, Click Browse, Point it to the stock firmware binary, and Click "Upload Firmware"

Getting Started

You don't have to have a E1550 in order to get started. The following link will show you how to get started with DVRF using QEMU to emulate the environment - https://www.praetorian.com/blog/getting-started-with-damn-vulnerable-router-firmware-dvrf-v0.1

Source Code for pwnables

Feel free to take a look at the source code for the pwnables so you can get a better understanding MIPS assembly. Please note that the compiled binaries used gcc flag -O0 to turn off compiler optimizations.

Compiling your own DVRF build

  • Download the Fedora 11 x86 ISO: https://archives.fedoraproject.org/pub/archive/fedora/linux/releases/11/Fedora/i386/iso/Fedora-11-i386-DVD.iso
  • Deploy a new VM and Install Fedora Core 11
    • VirtualBox Installation Note: You'll need to setup the environment as "Linux --> Other (32-bit)" since the Fedora template uses a SATA drive which for some reason hangs the login screen.
  • Execute merge_and_extract.sh and if the tar ball was successfully made you can run clean.sh to remove the -a* files.
  • Execute deps.sh to download and install all of the needed dependencies.
  • Follow the instructions within the "README.txt" file to compile your own firmware binaries

=======

Fixes

  • Removed header check from unlink() within uClibc-0.9.29/libc/stdlib/malloc-standard/malloc.h for heap_overflow_01
  • It's now possible to compile the source and toolchain without root rights.
  • Pwnable sources are now compiled during the make process.

Notes

  • DO NOT HAVE THE WAN PORT PLUGGED IN WHEN INSTALLING OR RUNNING THIS!!!
  • UART access is needed in order to execute the pwnable binaries.
  • WiFi is disabled, only the ethernet ports are available.
  • Anything written up for this project must be made available to the public for free.
  • New levels will be released soon. DVRF will be overhauled without the hacked GPL code to make it easier to read+modify. Plus, I'm tired of having to use Fedora 11 for this.

b1ack0wl

About

The Damn Vulnerable Router Firmware Project

Resources

Readme
Activity

Stars

30 stars

Watchers

4 watching

Forks

3 forks
Report repository

Releases

1 tags

Packages

No packages published

Languages

  • HTML 100.0%