Pwn@Home An Attack Path to jailbreaking your home router

Recommendations

Info

Set-top-box Router Firmware Kernel decryption Modified U-Boot: normal boot $ strings u-boot.kwb | grep -i ’u-boot’ U-Boot 2009.06-rc2-00065-gf5769a4-dirty (Sep 17 2010 - 18:09:06) 1 Read firmware from NAND partition 2 Firmware contains 2 partitions: kernel and rootfs 3 Public key (RSA 1024) stored in the bootloader, used to check the kernel signature (SHA1) 4 A session key is decrypted (AES) with a key stored in the bootloader (128 bits) 5 Kernel is decrypted with this session key (AES, 128 bits) 6 Kernel is decompressed (LZMA) 7 Kernel boots
Set-top-box Router Firmware File system decryption Plan 1 Introduction 2 Set-top-box 3 Router 4 Firmware Firmware retrieval and bootloader extraction Kernel decryption File system decryption Untethering 5 Conclusion
Page 1 and 2: Pwn@Home An Attack Path to jailbrea
Page 3 and 4: Set-top-box Router Firmware Context
Page 5 and 6: Set-top-box Router Firmware Targets
Page 7 and 8: Set-top-box Router Firmware Plan 1
Page 9: Set-top-box Router Firmware Code ex
Page 12 and 13: Set-top-box Router Firmware Code ex
Page 16 and 17: Set-top-box Router Firmware Chroot
Page 22 and 23: Set-top-box Router Firmware Plan 1
Page 32 and 33: Set-top-box Router Firmware Arbitra
Page 45 and 46: Set-top-box Router Firmware Firmwar
Page 51: Set-top-box Router Firmware Kernel
Page 55 and 56: Set-top-box Router Firmware Untethe
Page 57 and 58: Set-top-box Router Firmware Untethe
Page 59: Set-top-box Router Firmware Conclus

Pwn@Home An Attack Path to jailbreaking your home router

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?