[<prev] [next>] [day] [month] [year] [list]
Message-ID: <CACxx4MTKPfkRND2Rdk-zjy9tw5O+BC8E5=xRcsubX0YX3vhVdw@mail.gmail.com>
Date: Sat, 7 Nov 2015 09:59:09 -0800
From: Zach Cutlip <uid000@...il.com>
To: fulldisclosure@...lists.org
Subject: [FD] Broken, Abandoned, and Forgotten Code, Part 14
Part 14 of Broken, Abandoned and Forgotten Code is up. In this final
part, we finish discussing post-exploitation. This is really the most
open-ended phase of exploitation, and I discuss a number of creative
things you can do with your target, once compromised. For this post, I
keep it simple with a reverse-TCP root shell. I discuss building the
stage 2 firmware, then flattening it, so the stage 1 firmware can
download and flash it.
Also, this part has 100% more ponies.
Here's part 14 for your reading pleasure.
http://shadow-file.blogspot.com/2015/11/abandoned-part-14.html
If you've only joined in recently, here's the very beginning from back in April.
http://shadow-file.blogspot.com/2015/04/broken-abandoned-and-forgotten-code_22.html
I hope you've enjoyed following along even half as much as I've
enjoyed writing and sharing it.
As always I welcome feedback via email or Twitter. I'm @zcutlip.
Cheers,
Zach
--
:wq!
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists