[HOWTO] Searching the internet for the TCP-32764 netgear exploit

This is a backdoor from last month. You can find it in GitHub.
Here, i’ll describe a quick and dirty way to search the internet for this exploit.

This exploit allows complete control of the affected host. You can download/upload files, get a root shell, PPPoE credentials, admin password, etc.

The idea was originally posted here, however, the post didn’t described how to do it. So, i’ll post a very quick post on how to do it.

DISCLAIMER: educational purposes only. Use at your own risk. I only wrote the minimalist bash script and the how to.

Some more info from the author of the exploit.

Probable source of the backdoor:

Backdoor LISTENING ON THE INTERNET confirmed in :

  • Linksys WAG120N (@p_w999)
  • Netgear DG834B V5.01.14 (@domainzero)
  • Netgear DGN2000 1.1.1,,,, (issue 44)
  • Netgear WPNT834 (issue 79)
  • OpenWAG200 maybe a little bit TOO open 😉 (issue 49)

Backdoor confirmed in:

Backdoor may be present in:

Continue reading “[HOWTO] Searching the internet for the TCP-32764 netgear exploit”