WPA Keys can cause Router to reset to factory default

Chris Rigg-Milner chris.riggmilner at yahoo.co.uk
Mon Mar 2 11:51:33 UTC 2009


 

Hi,

 

This problem has been annoying me for a couple of years now, so I finally
got around to doing some investigation after installing an upgrade to my
Belkin f5d7633uk router which uses Busybox V1.00.

I will admit that I am not 100% sure the problem is down to the busybox
software but as I cannot get Belkin to do anything about it I am trying this
so here goes anyway.

 

I have just installed f5d7633-4a_v1uk_1.00.25.bin a firmware upgrade for the
router from F5D7633-4Av1_UK_1.00.17_AnnexA.bin which was itself an
ineffectual fix for similar issues on the v10 release.

 

When I set up WPA security for wireless connections I like to use the
www.grc.com/password generator to get a "63 random printable ASCII
character" password.

 

THE PROBLEM:

 

Some characters cause major problems to the router/router software.

Specifically 2 main issues:

If a " (double quote) appears in the string (valid according to the spec for
WPA Keys) this causes the key to become useless as the router saves the key
in the config file as a double quote delimited string. Becoming useless in
fact means that should you reload the config file it will truncate the key
and therefore make a shorter string. In other words it changes the key and
clients cannot logon as they have the correct Original key.

Now this one I feel is VERY SERIOUS.

Some characters that appear in the generated key cause the router to reset
to what I assume is a factory default setting.

This happens when you make the changes on the admin panel supplied, in my
case by Belkin.

When you save the changes to the security setting the router reboots, as I
suppose one would expect. The result of that reboot does not give any
indication of a problems but you now have a router with NO SECURITY AT ALL.
The admin password is reset to "" (blank, nothing, nada). The wireless
security is set to OFF, and  in many cases the ISP userid/password is lost
and the router must be re-configured from scratch.

This leaves your router completely open to the universe, unless it is
rendered useless by the loss of u/p to connect to the ISP.

 

Now this has happened to me using various WPA keys but this one is the last
one that caused it to happen, obviously not my current key.

wpakey="c/S/4Sc`oLTM at r_\?rJa$~Lu82Tr!^IA HXPQD9\P2RpJvz(+<:Lzk^2A#x{^c4"

 

I had already removed any " (double quote) character and added something in
its place but still, total mayhem on saving it to the router from the admin
panel security page.

 

 

I hope this is not your problem and if not, please let me know and I will
have another attempt at getting Belkin to fix the problem.

This is a great pity as the mix of their hardware and your software make a
perfectly adequate package apart from this issue.

 

 

Regards

Chris Rigg-Milner

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.busybox.net/pipermail/busybox/attachments/20090302/fe33ea80/attachment.htm>


More information about the busybox mailing list