/explore

Click through on any links that interest you or select the planets on the right to continue exploring the Outer Web.
You are here

willhaley.com
| | axelp.io
6.6 parsecs away

Travel
| | [AI summary] The provided text details a reverse-engineering and security analysis of a projector's firmware, leading to the discovery of a potential remote code execution (RCE) vulnerability. The author explored the firmware's CGI scripts and libraries, identified a command injection vulnerability in the `connect_network` function, and found that it could be exploited by sending a crafted HTTP request. However, the author's findings could not be validated due to the product being end-of-life (EOL), and the vulnerability may not be exploitable on newer devices due to hardware differences.
| | voidstarsec.com
0.9 parsecs away

Travel
| | In previous posts, we've gone over how to tear down Arcade cabinets containing SPI Flash as well as how to dissect the data that was extracted from the Rom. With this next series of posts, I'd like to take the concepts we talked about on those platforms and demonstrate them on a more popular platform With this post our goal will be to extract the firmware from the platform and locate and type of debugging if possible (UART,JTAG,etc). We will explore multiple ways of attempting to extract the filesystem and outline the steps taken for each method.
| | reverse.put.as
6.2 parsecs away

Travel
| | Note: the original post was written in 2017 when there weren't many posts discussing direct attacks to firmware flash. It also took a while to get in touch with the ISP to give them a chance to fix some of the issues described (in particular the ACS access) and then it was left in draft mode until today. I just made a quick revision and fixed quite a few dead links.
| | gabevenberg.com
15.8 parsecs away

Travel
| I've been using Arch Linux for several years now. Of course, my first installs were... blunderous, as i wanted to do full disk encryption from the get-go, and I didn't know what I was doing. After those first one or two installs, I generally settled on LVM on LUKS with a GRUB bootloader and my swap on an LVM volume, mostly because it makes it much easier to setup hibernation/suspend to disk vs, say, a swap file.