Resources
People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!
- The latest firmware of the router had hardcoded default credentials. These were found using a disassembler to take apart the firmware.
- Besides the hardcoded creds, there was an OS command injection because of bad processing of a parameter. Additionally, throw in a reflected XSS and default telnet creds.
- Not a great analysis of the bugs, but still something to go off of.
- It seems that all NAS's and routers have default creds or OS command injection. Pattern matching for common vulns is a very important part of research!
