IoT
TP-Link TDDP Buffer Overflow Vulnerability
Reverse engineering has always held an aura of mystery making it an intimidating field to venture into. The act of uncovering hidden vulnerabilitie...
Security Advisory: Remote Command Execution in Cisco Access Point WAP Products
Introduction 介绍 With the recent release of our binary zero-day identification feature, we wanted to demonstrate what it would look like, when app...
Two Bytes is Plenty: FortiGate RCE with CVE-2024-21762
Disclaimer 免責聲明 The exploit described in this post is tailored to the exact version of FortiGate SSL VPN used for testing. It is unlikely the e...
Ruijie Switch PSG-5124 26293 – Remote Code Execution (RCE)
#- Exploit Title: Ruijie Switch PSG-5124 26293 - Remote Code Execution (RCE) #- Shodan Dork: http.html_hash:-1402735717 #- Fofa Dork: body='img/fre...
Serial PitM
Sometimes you need to get in the way of a hardware device and its controller, and see what it has to say for itself. If you are lucky, the two part...
【漏洞分析】CVE-2021-4145 dirty cred漏洞复现
作者论坛账号:xia0ji233复现一下 dirty cred 漏洞<!--more-->同样本篇文章采用的还是 环境配置——漏洞验证——源码分析——代码调试 这四部分。环境配置内...
Qemu源码浅析之v0.1.6
一前言最近打算实现一个iot的fuzz,在此过程中遇到了许多问题,所以尝试通过阅读qemu源码来解决,不过现在的qemu已经是相当庞大的项目了,要想从当前版本的源...
原创 Paper | USB设备开发:从入门到实践指南(四)
作者:Hcamael@知道创宇404实验室时间:2024年3月13日从本篇开始就要研究USB设备开发硬件部分的知识,本系列硬件部分文章的学习案例来源于《圈圈教你玩USB》...
[推荐阅读]星链系统及其作战运用分析
↑↑点击上方蓝字关注我们本文发表于《指挥控制与仿真》2024年第1期摘要:星链系统作战运用日趋成熟,考虑星链系统仍在快速建设,有必要对其未来作战运用进行系统...
FortiGate SSLVPN CVE-2024-21762漏洞利用分析
一漏洞简介FortiGate二月份发布版本更新,修复多个中高危漏洞,其中一个严重级别漏洞是SSL VPN的未授权越界写漏洞,漏洞预警称该漏洞可能被在野利用。本文将...