DEF CON Safe Mode — Gal Zror — Don’t Ruck Us Again The Exploit Returns

Дата: 05.08.2020. Автор: CISOCLUB. Категории: Подкасты и видео по информационной безопасности

From the researchers who brought to you «»Don’t Ruck Us Too Hard»» comes a brand new follow-up research. This summer! We will show that all of Ruckus Wireless «»ZoneDirector»» and the «»Unleashed»» devices are still vulnerable.

This follow-up research includes six new vulnerabilities, such as command injection, information leakage, credentials overwrite, and stack overflow and XSS. With these vulnerabilities, we were able to achieve two new and different pre-auth RCEs. Combined with the first research, that is five entirely different RCEs in total. We also found that Ruckus did not fix some of the vulnerabilities from the first research correctly, and they are still exploitable by using a very neat payload :).

Other cool stuff about this research:
We will share a new Ghidra script we used to map the critical sections in the webserver binary that were later found vulnerable. We managed to fingerprinted Universities and Organizations that were vulnerable from the internet. BlackHat uses Ruckus Wireless for Wi-Fi solutions.

Об авторе CISOCLUB

Редакция CISOCLUB. Официальный аккаунт. CISOCLUB - информационный портал и профессиональное сообщество специалистов по информационной безопасности.
Читать все записи автора CISOCLUB

Добавить комментарий

Ваш адрес email не будет опубликован.