Part 13 (the penultimate installment) of Broken, Abandoned, and Forgotten Code is up. In this first of two parts covering post exploitation, we cover how to customize the stage 1 firmware image the exploit will flash onto the target. It is the job of this minimized firmware image to bootstrap a fully functional, trojanized stage 2 firmware onto the Netgear R6200.

Here's a link to part 13:
http://shadow-file.blogspot.com/2015/10/abandoned-part-13.html

If you missed my post to Full Disclosure where I introduced the series, here's that:
http://seclists.org/fulldisclosure/2015/May/44

As always I welcome feedback via email or Twitter. I'm @zcutlip.

I hope you enjoy it!

Cheers,
Zach

--
:wq!