Today, I’ll be cracking open the AC1200 Dual Band Wi-fi Router vM32A3_V1410_240222 and attempting to get a UART shell! Let’s dive right into it. Opening the Router My first step was to identify the mechanisms keeping the router sealed. I found some screws hidden beneath plastic feet on the bottom of the router. I began by removing them as seen in the photo below. After I removed them, I still struggled to get the device open....
Introduction On November 19th, 2024, Qualys publicly disclosed five local privilege escalation vulnerabilities discovered in the needrestart binary that comes installed by default on Ubuntu Server installations. They disclose the technical details of these here, however, I will be attempting to rediscover CVE-2024-48990 prior to reading the technical details based purely on the information from the CVE description and references. Then, I will create my own exploit that gives me a reverse shell as root....
Author: Ally Petitt Introduction Christmas break is notoriously refreshing for high schoolers like myself, however, unlike most high school students, I got to spend mine doing the most fascinating work in the world: security research. I had previously used Savannah, a GNU bug tracker, to submit a bug report, so when I noticed that the underlying technology, Savane, was open source, I knew I had to put it on my list of research projects....
https://images.pexels.com/photos/5483149/pexels-photo-5483149.jpeg?auto=compress&cs=tinysrgb&w=1260&h=750&dpr=1 Introduction Discovering a CVE was always an idea that enticed me, but I had no idea how to achieve it. Encountering the authentication bypass that I will explain in this article was both unexpected and deeply inspiring. In my preparation for the OSWE, I decided to practice identifying the exam vulnerabilities in real, open-source applications, which would both give me practice for the exam and enable me to contribute to the security community....