[Pelaca] upgraded the RAM on his D-Link DIR-320 router from 32MB to 64MB. This hack is simple enough: swap out the existing RAM chip for another one and change the bios to make use of the upgrade. The actual execution is not that simple because of the pitch of the TSOP II package; you’ll need to bring your mad soldering skills to pull this off.

This reminds us of when upgrading original Xbox RAM to 128MB was all the rage. It involved the same type of hack, adding four memory chips to unpopulated positions on the motherboard. The forums are thick with people complaining that their box not working after a failed upgrade attempt. Hopefully you’ll have better luck.

[Thanks Juan]

We reported last week that D-Link was adding captchas to their routers to prevent automated login by malware. Unsurprisingly, it doesn’t work all time. The team from SourceSec grabbed the new firmware and began poking at it. They found that certain pages don’t require the authentication to be passed for access. One of these is WPS activation. WPS lets you do push button WPA configuration. Once activated, any nearby client can request the WPA key using a tool like WPSpy. Only user level credentials are needed to pull this off, so changing just the admin password won’t prevent it.

[photo: schoschie]

D-Link is adding captcha support to its line of home routers. While default password lists have been abundant for many years, it was only recently that we started seeing the them implemented in malware. Last year, zlob variants started logging into routers and changing their DNS settings. It’s an interesting situation since the people who need the captcha feature are the ones who will never see it, since they won’t log in to change the default password.

[photo: fbz]