[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FD] Broken, Abandoned, and Forgotten Code, Part 6

To: fulldisclosure@xxxxxxxxxxxx
Subject: [FD] Broken, Abandoned, and Forgotten Code, Part 6
From: Zach C <uid000@xxxxxxxxx>
Date: Thu, 28 May 2015 10:31:31 -0500

Part 6 is live! We continue reversing the undocumented Netgear
firmware header by debugging the embedded HTTP server. We identify two
more fields, including an unknown checksum. A disassembly-to-python
reimplementation of the checksum algorithm is provided in this week's
update to the example code.
Here's a link:
http://shadow-file.blogspot.com/2015/05/abandoned-part-06.html

I forgot to include the link to part 5 in last week's message (whoops!):
http://shadow-file.blogspot.com/2015/05/abandoned-part-05.html

The goal remains to reverse engineer the firmware format so we can
generate a malicious firmware image to use when exploiting the
SetFirmware SOAP action described in parts 1-4.

If you missed my post to Full Disclosure where I introduced the
series, here's that:
http://seclists.org/fulldisclosure/2015/May/44

As always I welcome feedback via email or Twitter. I'm @zcutlip.

I hope you enjoy it!

Cheers,
Zach
-- 
:wq!

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Prev by Date: [FD] Logical Flaw in Google's OAuth
Next by Date: [FD] XSS vulnerability in IBM Domino
Previous by thread: [FD] Logical Flaw in Google's OAuth
Next by thread: [FD] XSS vulnerability in IBM Domino
Index(es):
- Date
- Thread