Home
Education
Олег Купреев «Уязвимости программного обеспечения...
1 39
100%
Actual Size
Fit Width
Fit Height
Fit Page
Automatic
Олег Купреев «Уязвимости программного обеспечения телекоммуникационного оборудования»
Embed Size (px)
344 x 292
429 x 357
514 x 422
599 x 487
Citation preview
1. Telecommunication Hardware Vulnerabilities
2. WHOAMI HACKER REASEARCHER @ DSEC.RU @090h, [email protected]
ADMIN @ ISP IN THE PAST HACKING TELECOMMUNICATIONS SINCE 2001
HACKING HARDWARE SINCE 2012 DREAM TO LEARN, LEARN TO DREAM
3. TELECOM HARDWARE MODEM ROUTER SWiTCH ATS HYBRiD
4. VULNERABiLiTiES DEFAULT CREDENTiALS (admin:admin,
admin:1234, cisco:cisco) PLAiNTEXT PASSWORDS (/var/passwd)
BACKDOORS/ISP ACCOUNTS AUTH BYPASS USER iNPUT MiSVALiDATiON
(COMMAND/SQL/HTML/XML injection) iNFORMATiON DiSCLOSURE CSRF XXE
BOF (stack, heap, of-by-one) WPS*
5. VENDORS & VULNS @ EXPLOiT DB Cisco 144 D-link 81 Linksys
49 Netgear 36 TP-Link 18 Zyxel 15 Huawei 13
6. MODEMZ
7. 3G/4G modems. Made in China by Huawei.
8. Zero CD
9. Zero CD-RW
10. EViL C0NF
11. OUC.EXE = OUCH LPE
12. 3G/4G MODEM -> CYBERWEAPON
13. CR0SSPLATF0RM 3G/4G M0D3M R00TKiT
14. ROUTERZ
15. SDLC BUBEN DANCiNG
16. BACKUP=FCUKUP
17. GET HTTP REQUEST
18. 20 AUTH BYPASS + CSRF = CONFiG UPLOAD 8) Firewall/AV bypass
Botnet via Habrahabr
19. 21 habrahabr.ru CSRF Evil FTP server Config CSRF
20. Network configuration PPPOE account SIP account
CONFiGURATiON
21. OLD DAYS
22. 24 2-12-85-06 2-12-85-06 2-12-85-06 2-12-85-06 2-12-85-06
2-12-85-06 XXI century
23. AUTH BYPASS + CSRF + COMMAND INJECTION = w00t w00t rem0t3
reb00t Back to 90s.. Do you remember +++ATH.jpg trick? WARNINNG!!!
WARNINNG!!! WARNINNG!!!
24. Huawei HG8245 Jtagulator Huawei 8245 hacking
25. PLACE 4 FUTURE ViRUSES
26. PASSWORDS.
27. How to rob the train in XXI century? Easy!
28. WARNINNG!!! WARNINNG!!! WARNINNG!!! WITH GREAT POWER COMES
GREAT RESPONSIBILITY 272, 273, 274
29. STAGE 0x00 Search for train with WiFi Buy train ticket Dont
miss the train
30. STAGE 0x01 admin
31. STAGE 0x02
32. STAGE 0x03
33. STAGE 0x04
34. SIP hacking? Port 5060 + SHODAN Auth needed? Web
interface?
35. CALL TO UID 0
36. but check!Trust,
37. Any questions? INFO: @090h [email protected] Links
https://github.com/0x90/routerz https://github.com/0x90/modemz
LOAD MORE