Vulnerability disclosure TP-Link multiples CVEs

TP-Link TL-SG108E Easy Smart Switch CVE-2017-8074 CVE-2017-8075 CVE-2017-8076 CVE-2017-8077 CVE-2017-8078 In May 2016, I made a little assessment on my own TP-Link switch. I found several vulnerabilities so I sent a complete report to TP-Link support to warn them. They answered me very professionally and declared that these vulnerabilities are mainly due to the technical limitation … Continue reading Vulnerability disclosure TP-Link multiples CVEs

ZigBee part 1

What is ZigBee? It is a wireless protocol used quite often in IoT for two main reasons: It is low power consumption, It is simpler and less expensive than Wifi or Bluetooth technologies.   Capturing ZigBee signal To do this experimentation, I used: AVR RZUSBSTICK AVR Dragon AVRDUDE Firmware kb-rzusbstick-002.hex KillerBee Lib-usb32 Flash the … Continue reading ZigBee part 1

ROP Primer: 1

A couple of times ago, a new challenge was released on the vulnhub website. Because it wass really interesting, I decided to blog it. You can find the challenge here: Let's have a look 🙂     Intro First of all, the virtual machine has been deployed under VirtualBox. After finding the IP address, let's begin with nmap: … Continue reading ROP Primer: 1