Skip to content

NSIDE-ATTACK-LOGIC/Exploit-Collection

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
LICENSE
LICENSE
 
 
O2_HomeBox_6441_v01.01.30.py
O2_HomeBox_6441_v01.01.30.py
 
 
README.md
README.md
 
 
TP-Link-WR831ND_v0.9.1_4.16.py
TP-Link-WR831ND_v0.9.1_4.16.py
 
 

Repository files navigation

Exploit-Collection

Collection of exploits created by NSIDE ATTACK LOGIC GmbH

O2_HomeBox_6441_v01.01.30.py

NSIDE discovered a buffer overflow in the webserver of the HomeBox 6441 in firmware 01.01.30. The vulnerability was reported and resolved in 2018.

Blogpost

Article by Heise.de

TP-Link-WR841ND_v0.9.1_4.16.py

While NSIDE analyzed CVE-2017-8220 for an IoT hacking series article, a format-string vulnerability was observed in the already present exploit chain.

NSIDE created an exploit script that does not abuse the trivial OS Command injection that was already present, but leverages the format-string to a root shell. The purpose of this excercise was to develop a step by step guide for exploit development in NSIDEs IoT hacking series in the iX magazine.

The exploit works on firmware version TL-WR841Nv14_EU_0.9.1_4.16 and was patched in TL-WR841Nv14_EU_0.9.1_4.17.

About

Collection of exploits created by NSIDE ATTACK LOGIC GmbH

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages