Exploit Development

Today we are going to talk about the vulnerability assessment I performed on a TRENDNet TEW–827DRU hardware revision 2, firmware version 2.04. I enjoyed this vulnerability assessment, mostly because there were a lot of vulnerabilities to discover, but also because it allowed me to tests out some new exploitation techniques involving ASLR. More on that later. For now, let’s all don our white hats and dive right in.

In the Beginning

Just like all...

I came across this entry on Mitre’s CVE disclosure site and for some reason it really drew my attention.

I think it was the seemingly simple nature of the exploit. Just an overflow in the authorization header. How hard can this be to exploit?

The CVE description was a little vague, as they usually are. So I clicked on the reference link hoping to find a more thorough explanation. I was unfortunately greeted with a 404 page not found.. But with a little digging I found the overview...