Олег Купреев «Уязвимости программного обеспечения...
TRANSCRIPT
- 1. Telecommunication Hardware Vulnerabilities
- 2. WHOAMI HACKER REASEARCHER @ DSEC.RU @090h, [email protected] ADMIN @ ISP IN THE PAST HACKING TELECOMMUNICATIONS SINCE 2001 HACKING HARDWARE SINCE 2012 DREAM TO LEARN, LEARN TO DREAM
- 3. TELECOM HARDWARE MODEM ROUTER SWiTCH ATS HYBRiD
- 4. VULNERABiLiTiES DEFAULT CREDENTiALS (admin:admin, admin:1234, cisco:cisco) PLAiNTEXT PASSWORDS (/var/passwd) BACKDOORS/ISP ACCOUNTS AUTH BYPASS USER iNPUT MiSVALiDATiON (COMMAND/SQL/HTML/XML injection) iNFORMATiON DiSCLOSURE CSRF XXE BOF (stack, heap, of-by-one) WPS*
- 5. VENDORS & VULNS @ EXPLOiT DB Cisco 144 D-link 81 Linksys 49 Netgear 36 TP-Link 18 Zyxel 15 Huawei 13
- 6. MODEMZ
- 7. 3G/4G modems. Made in China by Huawei.
- 8. Zero CD
- 9. Zero CD-RW
- 10. EViL C0NF
- 11. OUC.EXE = OUCH LPE
- 12. 3G/4G MODEM -> CYBERWEAPON
- 13. CR0SSPLATF0RM 3G/4G M0D3M R00TKiT
- 14. ROUTERZ
- 15. SDLC BUBEN DANCiNG
- 16. BACKUP=FCUKUP
- 17. GET HTTP REQUEST
- 18. 20 AUTH BYPASS + CSRF = CONFiG UPLOAD 8) Firewall/AV bypass Botnet via Habrahabr
- 19. 21 habrahabr.ru CSRF Evil FTP server Config CSRF
- 20. Network configuration PPPOE account SIP account CONFiGURATiON
- 21. OLD DAYS
- 22. 24 2-12-85-06 2-12-85-06 2-12-85-06 2-12-85-06 2-12-85-06 2-12-85-06 XXI century
- 23. AUTH BYPASS + CSRF + COMMAND INJECTION = w00t w00t rem0t3 reb00t Back to 90s.. Do you remember +++ATH.jpg trick? WARNINNG!!! WARNINNG!!! WARNINNG!!!
- 24. Huawei HG8245 Jtagulator Huawei 8245 hacking
- 25. PLACE 4 FUTURE ViRUSES
- 26. PASSWORDS.
- 27. How to rob the train in XXI century? Easy!
- 28. WARNINNG!!! WARNINNG!!! WARNINNG!!! WITH GREAT POWER COMES GREAT RESPONSIBILITY 272, 273, 274
- 29. STAGE 0x00 Search for train with WiFi Buy train ticket Dont miss the train
- 30. STAGE 0x01 admin
- 31. STAGE 0x02
- 32. STAGE 0x03
- 33. STAGE 0x04
- 34. SIP hacking? Port 5060 + SHODAN Auth needed? Web interface?
- 35. CALL TO UID 0
- 36. but check!Trust,
- 37. Any questions? INFO: @090h [email protected] Links https://github.com/0x90/routerz https://github.com/0x90/modemz