IoT Village - Greenwaves and Ham

Cite

DEF CON

Collado, Elvis

Formal Metadata

Title

IoT Village - Greenwaves and Ham

Title of Series

DEF CON 27

Number of Parts

335

Author

Collado, Elvis

License

CC Attribution 3.0 Unported:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.

Identifiers

10.5446/48872 (DOI)

Publisher

DEF CON

Release Date

2019

Language

English

Content Metadata

Subject Area

Computer Science

Genre

Conference/Talk

Abstract

This talk is about how an unauthenticated heap-based buffer overflow vulnerability was discovered and exploited within a router distributed by a market-leading ISP. Despite the targeted process utilizing mitigations such as DEP and ASLR, it still fell prey to known exploitation techniques. This talk will go over the thought process, failures, and road-blocks that were encountered and how they were overcame. The audience should walk away with a clear understanding of how to find ideal exploit primitives within their targeted device for heap-based vulnerabilities.