Posts

Vulnerability disclosure TP-Link multiples CVEs

TP-Link TL-SG108E Easy Smart Switch: CVE-2017-8074, CVE-2017-8075, CVE-2017-8076, CVE-2017-8077, CVE-2017-8078. In May 2016, I made a little assessment on my own TP-Link switch. I found several vulnerabilities, so I sent a complete report to TP-Link support to warn them. They answered me very professionally and declared that these vulnerabilities are mainly due to the technical limitation …

ZigBee part 1

What is ZigBee? It is a wireless protocol used quite often in IoT for two main reasons: it has low power consumption, and it is simpler and less expensive than Wi-Fi or Bluetooth technologies. Capturing ZigBee signal. To do this experiment, I used: AVR RZUSBSTICK (http://www.atmel.com/tools/rzusbstick.aspx), AVR Dragon (http://www.atmel.com/tools/avrdragon.aspx), AVRDUDE (https://savannah.nongnu.org/projects/avrdude/), firmware kb-rzusbstick-002.hex (https://github.com/riverloopsec/killerbee/blob/master/firmware/kb-rzusbstick-002.hex), KillerBee (https://github.com/riverloopsec/killerbee), Lib-usb32 (https://sourceforge.net/projects/libusb-win32/). Flash the …

ROP Primer: 1

A while ago, a new challenge was released on the vulnhub website. Because it was really interesting, I decided to blog about it. You can find the challenge here: https://ctf-team.vulnhub.com/rop-primer/ Let's have a look 🙂 Intro. First of all, the virtual machine has been deployed under VirtualBox. After finding the IP address, let's begin with nmap: …