BloomTech’s Downfall: A Long Time Coming

A Look at TR-06FAIL and Other CPE Configuration Disasters

A Look at TR-06FAIL and Other CPE Configuration Disasters

Security BSides London via YouTube Direct link

Introduction

1 of 52
Next

1 of 52

Introduction

Class Central Classrooms beta

YouTube playlists curated by Class Central.

Classroom Contents

A Look at TR-06FAIL and Other CPE Configuration Disasters

Automatically move to the next video in the Classroom when playback concludes
  1. 1 Introduction
  2. 2 Who am I
  3. 3 Landside DSL
  4. 4 CWMP
  5. 5 Heros Explore
  6. 6 Heroesx Security
  7. 7 Must Implementation
  8. 8 Posture Protect
  9. 9 Outcome
  10. 10 Deutsche Telekom
  11. 11 Ireland
  12. 12 Who did it
  13. 13 Bonus Win
  14. 14 Ida Pro
  15. 15 Miss Fortune Cookie
  16. 16 Exploit
  17. 17 DSL Forum Certification
  18. 18 SSL TLS
  19. 19 XML
  20. 20 Threat Model
  21. 21 Hacking
  22. 22 Audit
  23. 23 Disclosure Timeline
  24. 24 FreeACS
  25. 25 Postit
  26. 26 Postit screenshots
  27. 27 We want preoff
  28. 28 Attack Surf
  29. 29 Test Fuzzing
  30. 30 XML NEX
  31. 31 BaseField
  32. 32 XSS
  33. 33 Payload Limitations
  34. 34 Remote Script
  35. 35 Admin User
  36. 36 Stack Overflow
  37. 37 Stack Overflow exploit
  38. 38 Game over
  39. 39 Script kiddie
  40. 40 OpenACS
  41. 41 JBoss
  42. 42 Misc Configuration Server
  43. 43 CSP
  44. 44 CSP in the wild
  45. 45 CSP in Java
  46. 46 CSP in PHP
  47. 47 Laravel Autoloading
  48. 48 Exploitable
  49. 49 Solutions
  50. 50 Defenses
  51. 51 Ongoing research
  52. 52 Thanks

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.