BloomTech’s Downfall: A Long Time Coming

Don't Ruck Us Too Hard - Owning All of Ruckus AP Devices

Don't Ruck Us Too Hard - Owning All of Ruckus AP Devices

nullcon via YouTube Direct link

Intro

1 of 27
Next

1 of 27

Intro

Class Central Classrooms beta

YouTube playlists curated by Class Central.

Classroom Contents

Don't Ruck Us Too Hard - Owning All of Ruckus AP Devices

Automatically move to the next video in the Classroom when playback concludes
  1. 1 Intro
  2. 2 Ruckus Networks Equipment
  3. 3 echo SUSER
  4. 4 R510 Unleashed
  5. 5 Firmware
  6. 6 Dockerized QEMU
  7. 7 Server Web Directory
  8. 8 Fetching rpmkey
  9. 9 CLI Jailbreak
  10. 10 Retrieving functions names
  11. 11 Web interface - authentication mechanism
  12. 12 Web interface - Session check
  13. 13 Standard ajax request
  14. 14 Unauth ajax request
  15. 15 Exploitation
  16. 16 What about command injection?
  17. 17 sys_wrapper.sh
  18. 18 Weird stuff
  19. 19 Session needed
  20. 20 Zap to the rescue
  21. 21 Arbitrarily file write
  22. 22 Zapd server
  23. 23 Zap command
  24. 24 Chained vulnerabilities
  25. 25 Conclusions
  26. 26 Post Research
  27. 27 Final thoughts

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.