Chaos Communication Congress
Chaos Communication Congress
Don't Ruck Us Too Hard - Owning Ruckus AP Devices (36x92)
Data di messa in onda: Dic 28, 2019
(3 different RCE vulnerabilities on Ruckus Wireless access points devices.)
Ruckus Networks is a company selling wired and wireless networking equipment and software. This talk presents vulnerability research conducted on Ruckus access points and WiFi controllers, which resulted in 3 different pre-authentication remote code execution. Exploitation used various vulnerabilities such as information leak, authentication bypass, command injection, path traversal, stack overflow, and arbitrary file read/write. Throughout the research, 33 different access points firmware examined, and all of them were found vulnerable. This talk also introduces and shares the framework used in this research. That includes a Ghidra script and a dockerized QEMU full system emulation for easy cross-architecture research setup.
Here's a fun fact: BlackHat USA 2019 used Ruckus Networks access points.
- Iniziato: Dic 2011
- Episodi: 1118
- Followers: 0
- Terminata
- Sconosciuto
- Sconosciuto