Bowcaster Exploit Development Framework, for MIPS

Zachary Cutlip has written an exploit framework for MIPS:

The Bowcaster Exploit Development Framework, implemented in Python, is intended to aid those developing exploits by providing a useful set of tools and modules, such as payloads, encoders, connect-back servers, etc. Currently the framework is focused on the MIPS CPU architecture, but the design is intended to be modular enough to support arbitrary architectures.

https://github.com/zcutlip/bowcaster
https://github.com/zcutlip/exploit-poc/tree/master/dlink/dir-815-a1/hedwig_cgi_httpcookie

Broken, Abandoned, Firmware code part 14/14

Zachary Cutlip has posted the final part of his 14-part series on router firmware security, “Broken, Abandoned, and Forgotten Code, Part 14”:

“In the previous post, we walked through building a stage 1 firmware image that can be flashed to the Netgear R6200 by exploiting the hidden SetFirmware SOAP action in upnpd. Due to an undersized memory allocation, we aren’t able to flash a full-sized image using this exploit. Whereas a stock firmware is nearly 9MB, the buffer upnpd base64 decodes into is 4MB, leading to a crash. As a result we have to load our trojanized firmware in two stages. The first stage is stripped down to bare essentials and contains an agent that downloads and flashes a full-sized second stage providing persistent remote access. In this part, we conclude the series with a discussion of how to prepare the stage 2 and what it should contain.” […]

http://shadow-file.blogspot.com/2015/11/abandoned-part-14.html
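The undersized-buffer failure quoted above (a base64 payload decoded into a fixed 4MB allocation that is smaller than the data it can carry) is the kind of bug a bounds check before decoding prevents. The following is an added example, not code from the blog post or from upnpd: a bounded base64 decoder that derives the decoded size from the input and refuses anything that would not fit in the destination before writing a single byte. All function names are assumptions.

```c
#include <stddef.h>
#include <stdint.h>

/* Decoded size implied by a base64 string of inlen chars (hypothetical helper).
 * Each 4 input chars yield 3 bytes; trailing '=' padding drops 1 or 2 bytes.
 * Returns 0 for lengths that are not a multiple of 4 (malformed input). */
size_t b64_decoded_len(const char *in, size_t inlen) {
    if (inlen == 0 || inlen % 4 != 0) return 0;
    size_t n = inlen / 4 * 3;
    if (in[inlen - 1] == '=') n--;
    if (in[inlen - 2] == '=') n--;
    return n;
}

static int b64_val(char c) {
    if (c >= 'A' && c <= 'Z') return c - 'A';
    if (c >= 'a' && c <= 'z') return c - 'a' + 26;
    if (c >= '0' && c <= '9') return c - '0' + 52;
    if (c == '+') return 62;
    if (c == '/') return 63;
    return -1;
}

/* Decode in[0..inlen) into out. Rejects the input up front if the decoded
 * data would exceed outcap bytes, so an oversized payload never reaches the
 * buffer. Returns the decoded byte count, or -1 on oversize/malformed input. */
long b64_decode_bounded(const char *in, size_t inlen, uint8_t *out, size_t outcap) {
    size_t need = b64_decoded_len(in, inlen);
    if (need == 0 || need > outcap) return -1;   /* the size check that was missing */
    size_t o = 0;
    for (size_t i = 0; i < inlen; i += 4) {
        uint32_t acc = 0;
        int pad = 0;
        for (int k = 0; k < 4; k++) {
            char c = in[i + k];
            if (c == '=') { pad++; acc <<= 6; continue; }
            int v = b64_val(c);
            if (v < 0 || pad) return -1;          /* bad char, or data after '=' */
            acc = (acc << 6) | (uint32_t)v;
        }
        if (pad && i + 4 != inlen) return -1;     /* padding only allowed in last group */
        out[o++] = (uint8_t)(acc >> 16);
        if (pad < 2) out[o++] = (uint8_t)(acc >> 8);
        if (pad < 1) out[o++] = (uint8_t)acc;
    }
    return (long)o;
}
```

Checking the required size against the capacity before decoding is cheap and independent of the encoder, which is why it belongs in the receiver rather than being assumed from the sender's firmware size.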

Broken, Abandoned, and Forgotten firmware Code