Category: Reverse Engineering

CSI: Fritzbox - German Fritz!Box-Article in latest c't

Recently, I wrote a German article about the Fritz!Box vulnerabilities for the c't magazine. It has now been printed and is available in c't 13/14.
--
A German (and somewhat shortened) version of my Fritz!Box article can now be found in the current c't.


AVM Fritz!Box root RCE: From Patch to Metasploit Module - II

This is the continuation of a combined write-up and tutorial on how to reverse engineer a patch, with the ultimate goal of writing a Metasploit module for the vulnerabilities found.
I'll explain all of that using the example of a patch released in February 2014 for the Fritz!Box devices, a widespread (at least in Germany/Europe) DSL router series.


AVM Fritz!Box root RCE: From Patch to Metasploit Module - I

This tutorial/write-up illustrates the path from diffing the firmware versions and finding the interesting files, through reverse engineering the patch, to finally writing an exploit (a Metasploit module) for the MIPS-based DSL router series by AVM.
Almost every Fritz!Box device (including WLAN repeaters) is/was affected by this bug; the series has a market share of ~60% in Germany. Patches were released between February 7th and 28th.

© 7a69.