Recently, I've written a German article about the Fritz!Box vulnerabilities for the c't magazine. It has now been printed and is available in c't 13/14.
--
A German (and somewhat shortened) version of my Fritz!Box article can now be found in the current c't.
This is the continuation of a write-up/tutorial mixture on how to reverse engineer a patch, with the ultimate goal of writing a Metasploit module for the vulnerabilities found.
I'll explain all of this using the example of a patch released in February 2014 for the Fritz!Box devices, a widespread (at least in Germany/Europe) DSL router series.
This tutorial/write-up illustrates the path from diffing the firmware versions and finding the interesting files, through reverse engineering the patch, to finally writing an exploit (a Metasploit module) for the MIPS-based DSL router series by AVM.
Almost every Fritz!Box device (including WLAN repeaters) is or was affected by this bug; the series has a market share of roughly 60% in Germany. Patches were released between February 7th and 28th.