ADVANCED SOHO ROUTER EXPLOITATION presented at Ruxcon 2015

by Lyon Yang,

Summary : In this talk we will look into how a series of 0-day vulnerabilities can be used to hack into tens of thousands of SOHO Routers. We will elaborate on the techniques that were used in this research to locate exploitable routers, discover 0day vulnerabilities and successfully exploit them on both the MIPS and ARM platforms.
The talk will cover the following topics:
Dumping and analyzing router firmware from an ISP provided router
Tips and Tricks to discovering vulnerabilities on the router
Identification of vulnerabilities
Explanation of how to write ARM / MIPS exploits
ROP Gadgets used for writing ARM and MIPS Proof-Of-Concept
Post exploitation concepts – creative use of exploits