Skip to main content

Posts

Showing posts from August, 2017

Jieming's Router Anomaly

Last night, while randomly watching my router's activities, I found out that it has an active connection to some IP address owned by Amazon and hosted in New York. While trying to do curl request to the server's port 80, it returned a website and when I opened it in browser I was quite surprised because it is a ASUS router's web interface (ASUS RT-AC5300). So I figured that IP address is a router. The weird thing is that I was able to login automatically without being prompted with username and password. And also I am able to see everything, including the local devices connected to the router and administration settings. I tried changing something but it doesn't seem to persist the configuration change. So I took a look at the site's client scripts and it's kind of weird. By the look of the Javascript code, the apply button will never work at all. It looks like it was deliberately done.

I tried looking deeper and see which of  my processes  are connecting to thi…