
Netgear TLS Private Key Disclosure through Device Firmware Images, Hacker News

Overview

There are at least two valid, signed TLS certificates that are bundled with publicly available Netgear device firmware.

These certificates are trusted by browsers on all platforms, but will surely be added to revocation lists shortly.

The firmware images that contain these certificates, along with their private keys, were publicly available for download through Netgear's support website without authentication; anyone in the world could therefore have retrieved these keys.

[Certificate details for the first certificate (openssl x509 -text style output); only the following fields are legible in this copy of the page:]

    Signed Certificate Timestamps: several entries, Version: v1 (0x0), each timestamped May 1
    X509v3 Key Usage: critical; Digital Signature, Key Encipherment
    X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication
    X509v3 CRL Distribution Points: Full Name: URI:http://crl.entrust.net/level1k.crl
    X509v3 Certificate Policies: CPS: http://www.entrust.net/rpa
    Authority Information Access: OCSP - URI:http://ocsp.entrust.net
    X509v3 Basic Constraints: CA:FALSE
    Signature Algorithm: RSA (the digest name is not legible)

According to the above output, this certificate, which is signed by Entrust, is valid for the following DNS host names:

www.routerlogin.net

[Second certificate, PEM encoded (BEGIN CERTIFICATE / END CERTIFICATE block); the base64 body is not legible in this copy of the page.]

The corresponding private key is:

[Private key, PEM encoded (BEGIN PRIVATE KEY / END PRIVATE KEY block, i.e. PKCS#8); the base64 body is not legible in this copy of the page.]

The DNS host name for the certificate is mini-app.funjsq.com.
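The overview and the two certificate sections above describe firmware images that ship a browser-trusted certificate together with its private key. As an added example (not code from the advisory, from Netgear, or from either CA), the following Python script shows the triage check a defender would run on such an image: carve every PEM block out of a raw blob, fingerprint it, and pair each RSA private key with the certificate whose public modulus it matches, so that a found key can be tied to the certificate that needs revoking. It uses only the standard library; the DER walker is a minimal one written for this example, and the sample blob with its toy moduli is constructed here (structurally minimal certificate and PKCS#8 shells, not real keys) so the script runs offline.

```python
"""Firmware triage, added example (not the advisory's code): locate PEM certificates and private
keys in a binary blob and pair each RSA private key with the certificate(s) whose public key it
matches. The DER walker reads only what is needed to reach the RSA modulus; it validates nothing."""
import base64
import hashlib
import re
PEM_RE = re.compile(rb"-----BEGIN (?P<label>[A-Z ]+)-----\s*(?P<body>[A-Za-z0-9+/=\s]+?)\s*-----END (?P=label)-----")
RSA_OID = bytes.fromhex("2a864886f70d010101")  # rsaEncryption, OID 1.2.840.113549.1.1.1

def der_read(buf, pos):
    """One DER TLV at pos -> (tag, value, next_pos); handles long-form lengths."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def der_children(value):
    """Child (tag, value) pairs of a constructed DER value."""
    out, pos = [], 0
    while pos < len(value):
        tag, val, pos = der_read(value, pos)
        out.append((tag, val))
    return out

def rsa_modulus_from_cert(data):
    """Certificate -> tbsCertificate -> subjectPublicKeyInfo -> RSAPublicKey.n, or None if not RSA."""
    try:
        tbs = der_children(der_children(der_read(data, 0)[1])[0][1])
        if tbs[0][0] == 0xA0:  # optional explicit [0] version comes first
            tbs = tbs[1:]
        alg, spk = der_children(tbs[5][1])  # serial, sigAlg, issuer, validity, subject, SPKI
        if der_children(alg[1])[0][1] != RSA_OID:
            return None
        n, _e = der_children(der_children(spk[1][1:])[0][1])  # BIT STRING: drop unused-bits byte
        return int.from_bytes(n[1], "big")
    except (IndexError, ValueError):
        return None

def rsa_modulus_from_key(label, data):
    """PKCS#8 ('PRIVATE KEY') or PKCS#1 ('RSA PRIVATE KEY') -> RSAPrivateKey.n, or None."""
    try:
        fields = der_children(der_read(data, 0)[1])
        if label == "PRIVATE KEY":  # PKCS#8: version, AlgorithmIdentifier, OCTET STRING{RSAPrivateKey}
            if der_children(fields[1][1])[0][1] != RSA_OID:
                return None
            fields = der_children(der_read(fields[2][1], 0)[1])
        elif label != "RSA PRIVATE KEY":  # e.g. ENCRYPTED PRIVATE KEY: reported, never matched
            return None
        return int.from_bytes(fields[1][1], "big")  # RSAPrivateKey: version, n, e, d, ...
    except (IndexError, ValueError):
        return None

def scan_blob(blob):
    """SHA-256 fingerprints of every PEM cert/key in blob, plus the (key_fp, cert_fp) pairs that match."""
    certs, keys = [], []
    for m in PEM_RE.finditer(blob):
        label = m.group("label").decode()
        data = base64.b64decode(re.sub(rb"\s+", b"", m.group("body")))
        fp = hashlib.sha256(data).hexdigest()
        if label == "CERTIFICATE":
            certs.append((fp, rsa_modulus_from_cert(data)))
        elif label.endswith("PRIVATE KEY"):
            keys.append((fp, rsa_modulus_from_key(label, data)))
    pairs = [(k, c) for k, kn in keys for c, cn in certs if kn is not None and kn == cn]
    return {"certificates": [c for c, _ in certs], "private_keys": [k for k, _ in keys], "matched_pairs": pairs}

# Constructed sample input: synthetic, structurally minimal DER with toy moduli. These are NOT real keys.
def tlv(tag, payload):
    n = len(payload)
    if n < 0x80:
        return bytes([tag, n]) + payload
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + payload
def der_int(i):
    return tlv(0x02, i.to_bytes((i.bit_length() + 8) // 8, "big"))  # spare byte keeps INTEGER positive
def pem(label, der_bytes):
    b64 = base64.b64encode(der_bytes).decode()
    lines = "\n".join(b64[i:i + 64] for i in range(0, len(b64), 64))
    return f"-----BEGIN {label}-----\n{lines}\n-----END {label}-----\n".encode()
RSA_ALG = tlv(0x30, tlv(0x06, RSA_OID) + tlv(0x05, b""))  # AlgorithmIdentifier { rsaEncryption, NULL }

def fake_cert_pem(n, e):
    """Certificate shell: empty names, dummy signature; only the SPKI carries meaning."""
    spki = tlv(0x30, RSA_ALG + tlv(0x03, b"\x00" + tlv(0x30, der_int(n) + der_int(e))))
    tbs = tlv(0xA0, der_int(2)) + der_int(1) + tlv(0x30, b"") * 4 + spki
    return pem("CERTIFICATE", tlv(0x30, tlv(0x30, tbs) + RSA_ALG + tlv(0x03, b"\x00")))

def fake_key_pem(n, e):
    rsa_key = tlv(0x30, der_int(0) + der_int(n) + der_int(e) + der_int(0xD0D0))  # dummy d
    return pem("PRIVATE KEY", tlv(0x30, der_int(0) + RSA_ALG + tlv(0x04, rsa_key)))  # PKCS#8 shell

N_LEAKED, N_OTHER, E = (1 << 127) + 0x5EED, (1 << 127) + 0xBEEF, 65537
SAMPLE_BLOB = (b"\x7fELF\x00junk\x00" + fake_key_pem(N_LEAKED, E) + b"\xff/etc/ssl/"
               + fake_cert_pem(N_LEAKED, E) + b"\x00" + fake_cert_pem(N_OTHER, E) + b"\x00tail")
# scan_blob(SAMPLE_BLOB)["matched_pairs"] -> one (key_fp, cert_fp) pair linking the leaked key to its certificate
```

To use it on a real extracted firmware tree, read each file (or the whole image) into `blob`. Encrypted and non-RSA private keys are still reported as finds but are never matched, and anything found should be re-parsed with a proper X.509 library before acting on it; the modulus comparison here answers only one question, whether a key lying in the image belongs to a given certificate.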

Rationale for Full Disclosure

We are aware that Netgear has public bug bounty programs. However, at the current date those programs do not allow public disclosure under any circumstances.

We as researchers felt that the public should know about these certificate leaks in order to adequately protect themselves and that the certificates in question should be revoked so that major browsers do not trust them any longer. We could not guarantee either if we had used the existing bug bounty programs.

Disclosure Timeline
