IoT

N如何获取Tenda AX18系列的Telnet密码

0x10 前言要调试溢出漏洞肯定得需要shell的啦,没shell,没监控,没办法的fuzz溢出的啦0x20 分析总所周知 Tenda 路由器是可以通过 goform/telnet 这个接口来...

N新华三magicR100存在未授权RCE攻击

漏洞描述存在/AJAX/ajaxget接口可以非授权访问,通过ajaxmsg搭配上功能函数可以调用读取一些敏感信息,通过对信息泄露进行深入检查,发现可以泄露管理数据登...

NNetUSB exploitation part 1: Setting up the environment

In Pwn2Own Austin 2021, we also exploited TP-Link Archer C7 and Netgear R6700v3 routers. This is the first part of how we attacked the NetUSB kerne...

N针对GPS追踪器设备的安全研究(part2)

针对GPS追踪器设备的安全研究(part1) 0x01 背景描述在上一篇中,我发布了对在GPS跟踪设备网络中发现的漏洞的深入分析。自从我向制造商深圳i365披露我的发现...

NTHE PRINTER GOES BRRRRR!!!

Network printers have been featured for the first time at Pwn2Own competition in Austin 2021. Three popular LaserJet printers were included in the ...

N一款路由器安全测试

本文为看雪论坛优秀文章看雪论坛作者ID:p1yang分析这款是某某路由器A1206,固件是比较早的未加密的那个。都是个人学习过程中的思考与知识,整理下来。 ...

NNETGEAR社製ルーターにおける認証不要の任意コード実行の技術的解説(PSV-2022-0044)

  ※本記事は先立って公開された英語版記事を翻訳し、日本語圏の読者向けに一部改変したものです。   画像出典: https://www.netgear.com/busines...

NPS4 Aux Hax 2: Syscon

In the PS4 Aux Hax series of posts, we’ll talk about hacking parts of the PS4 besides the main x86 cores of the APU. In this entry, we’ll recount s...

NPS4 Aux Hax 5: Flawed Instructions Get Optimized

Aaaand we’re back, after an extended delay, to … continue talking about hacking PS4 peripherals 😅. This time, the DUT is the PS4 Virtual Reality p...

NPS4 Aux Hax 4: Belize via CEC

This post describes another way to attain code execution on Aeolia (actually, the southbridge revision on PS4 Pro which was used in this case is na...
1 2 3 23