Rooting A NeoTV Set Top Box From The Couch

The NeoTV is a set top box built by Netgear to compete with the likes of Roku. It streams video from the usual Internet sources like Netflix, Hulu Plus, and YouTube. [Craig] recently cracked his unit open, and in the process discovered that the NeoTV can be rooted using nothing but the remote control.

He starts with a hardware overview. The box houses a single-board ARM design with a 128MB of NAND and 256MB of RAM. The serial port is easy to find, but it does not provide a root shell (which often is one of the easiest ways to root a device). He next turns to poking around the unencrypted firmware update to see what he can learn. That’s how he discovered that the SSID value when connecting to WiFi is fed into a system() command. This glaring security hole lets you run just about anything you want on the device by issuing commands as fake SSID names. It’s just a matter of a little Linux know-how and [Craig] now has root access on his device.

19 thoughts on “Rooting A NeoTV Set Top Box From The Couch

  1. LMAO! There’s a prank to pull if you know your neighbor likes to steal WiFi and has one of these NeoTV boxes!

    Are you telling us that you can just set up a wireless router that’s not connected to anything, call it “rm -rf /*” and that’ll work?

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.