Disclaimer Any direct or indirect consequences and losses caused by the dissemination and use of the information provided in this article shall be borne by the user. Thunder God Testing and the author of the article shall not bear any responsibility for this. Thunder God Testing reserves the right to modify and explain this article. … Read more
Vulnerability Description: There is a stack overflow vulnerability in the sub_25E04 function of the upnpd file. The length is not checked during strcpy, causing an overflow and allowing for a ROP attack to achieve command execution. Version: 1.0.2.134 Vulnerability Analysis and Reproduction1. Firmware Simulation Using qemu system simulation: qemu startup: qemu-system-arm -M vexpress-a9 -kernel vmlinuz-3.2.0-4-vexpress … Read more
Hello, masters, good evening. Today we will introduce a low power Bluetooth tool. Before that, let’s briefly introduce low power Bluetooth (BLE). Here is the address | Welcome masters to star https://github.com/nian-hua/Litchi Bluetooth started supporting low power from version 4.0. During the interaction with BLE, the most important concepts are Characteristic, Descriptor, and Service: Characteristic: … Read more
Focusing on source code security, gathering the latest news from home and abroad! Compiled by: Code Guardian Ford Motor Company has warned that many Ford and Lincoln vehicles equipped with the SYNC3 in-vehicle entertainment system have a buffer overflow vulnerability that could lead to remote code execution; however, it is noted that vehicle driving safety … Read more
Admin’s Note: It’s been a while since I posted a new article and logged into the public account. Unfortunately, many issues beyond my control, combined with my principle of not being a mere transporter, mean that creation always takes time. Today, I am back with an interesting topic for everyone. Drone Security and Fault Injection … Read more
Click on “AsiaInfo Security” above to browse more security news It is well-known that the Linux kernel is a common component of all Linux operating systems, not only used in server platforms but also in Android phones, tablets, and various IoT devices. Recently, the Perception Point research team revealed a core vulnerability in Linux (CVE-2016-0728), … Read more
With the advent of the 5G era, the role of the Internet of Things (IoT) is becoming increasingly important, along with more security risks. IoT security covers a wide range of topics. This series of articles will discuss the author’s understanding of IoT vulnerability research from a technical perspective. The author will explore five dimensions: … Read more
Setting Up OpenWrt Environment Download the OpenWrt 19.07 image, extract it, and import it as a disk image into the virtual machine. wget https://downloads.openwrt.org/releases/19.07.0/targets/x86/generic/openwrt-19.07.0-x86-generic-combined-ext4.img.gz gunzip openwrt-19.07.0-x86-generic-combined-ext4.img.gz sudo apt-get install qemu-utils -y sudo qemu-img convert -f raw openwrt-19.07.0-x86-generic-combined-ext4.img -O vmdk openwrt-19.07.0-x86-generic-combined-ext4.vmdk Successfully accessed the web backend, after setting the password, you can access it via SSH. … Read more
First, look at the key points, then read the original text. Key point: The expert Wh1te4ever has completed the iOS 15.x arm64 jailbreak project, and developers can now experience it. However, it is still not recommended for beginners, as the author mentioned issues with stability. We look forward to opa334 adding support for the Dopamine … Read more