Create a web site with user-friendly instructions on configuring your router for popular games. (Port forwarding, etc..) Hustle for good Google rankings.
For each game, have an instruction sheet. Each instruction sheet is two pages long.
The first page tells you how to log into your router.
The second page contains the malicious <img> tag as described by JoachimSchipper, as well as genuine instructions to complete your router config. (If you want to hit multiple router firmwares, just include multiple <img> tags, each with its own parameters.)
From there, you can gain remote admin access to the router. Presumably, you'd want to automate whatever you're doing to people. So, after people visit the second instruction page, run a script that reconfigures the router however you please.
At this point, the sky's the limit, but might I suggest uploading your own firmware such as DD-WRT. From there, you could do all kinds of things, from the silly (replacing all downloaded images with kittens) to the nefarious (stealing passwords on all non-SSL sites).
Standard disclaimer: I'm not writing this to help the bad guys. They already know what to do. This is food for thought for the good guys.
I daresay if you included "...and you'll need to add this certificate to your browser..." you could get a good number of people installing your Totally Trustworthy Root Cert(tm) and do a bit of HTTPS MitM as well.
Makes it more likely someone will notice and you'll get flagged though I suppose.
What would be even easier and more evil is to inject some backdoor into every (non ssl) executable download. Then you can just install a keylogger or patch the browser or whatever else you please.
You're right. I hadn't thought of that, but it strikes me as one of the nastier attacks I've heard of in a while. Just think of how many downloadable packages require root privileges to install.
Create a web site with user-friendly instructions on configuring your router for popular games. (Port forwarding, etc..) Hustle for good Google rankings.
For each game, have an instruction sheet. Each instruction sheet is two pages long.
The first page tells you how to log into your router.
The second page contains the malicious <img> tag as described by JoachimSchipper, as well as genuine instructions to complete your router config. (If you want to hit multiple router firmwares, just include multiple <img> tags, each with its own parameters.)
From there, you can gain remote admin access to the router. Presumably, you'd want to automate whatever you're doing to people. So, after people visit the second instruction page, run a script that reconfigures the router however you please.
At this point, the sky's the limit, but might I suggest uploading your own firmware such as DD-WRT. From there, you could do all kinds of things, from the silly (replacing all downloaded images with kittens) to the nefarious (stealing passwords on all non-SSL sites).
Standard disclaimer: I'm not writing this to help the bad guys. They already know what to do. This is food for thought for the good guys.