#Stockpile The router hacking repo.
#Papers:
- JTAG Slides
- How to hack millions of routers
- Hacking cisco routers
- Router Exploitation
- From SQLi to MIPS Overflows
- Flashing & Attacking WiFi Routers
- SANS: Exploiting embedded devices
- Hacking routers for fun and profit
- Remote Attacks Against SOHO Routers
- Developing MIPS Exploits to Hack Routers
- Exploiting Buffer Overflow Using the MIPS ISA
- Exploiting ADSL routers to perform cyber attacks!
- Owning the Network: Adventures in Router Rootkits
#Documentation:
- Hacking the Linksys WMB54G
- Hacking the D-Link DIR-890L
- Cracking Linksys “Encryption”
- WRT120N fprintf Stack Overflow
- Breaking SSL on Embedded Devices
- Reverse Engineering Serial Ports
- Exploiting a MIPS Stack Overflow
- What the Ridiculous Fuck, D-Link?!
- Reversing Belkin’s WPS Pin Algorithm
- Exploiting Embedded Systems – Part 1
- Exploiting Embedded Systems – Part 2
- Exploiting Embedded Systems – Part 3
- Exploiting Embedded Systems – Part 4
- Reversing D-Link’s WPS Pin Algorithm
- Reverse Engineering a D-Link Backdoor
- reverse engineer router firmware part 1
- reverse engineer router firmware part 2
- Extracting Non-Standard SquashFS Images
- How to exploit home routers for anonymity
- Re-enabling JTAG and Debugging the WRT120N
- Reversing the WRT120N’s Firmware Obfuscation
- Reverse Engineering Firmware: Linksys WAG120N
#Videos:
- Router Exploitation
- Hacking
RedactedRouters - How to Hack Millions of Routers
- Owning the Network: Adventures in Router Rootkits
- Attacks Against 2wire Residential Gateway Routers
#Exploits:
- NETGEAR ReadyNAS LAN /dbbroker 6.2.4 - Credential Disclosure(2015)
- D-Link DSP-W w110 v1.05b01 - Multiple Vulnerabilities(2015)
- Huawei Home Gateway UPnP/1.0 IGD/1.00 - Password Disclosure(2015)
- Huawei Home Gateway UPnP/1.0 IGD/1.00 - Password Change Vulnerability(2015)
- Dlink DSL-2750u and DSL-2730u - Authenticated Local File Disclosure(2015)
- D-Link DSL-500B Gen 2 - (URL Filter Configuration Panel) Stored XSS(2015)
- D-Link DSL-500B Gen 2 - (Parental Control Configuration Panel) Stored XSS(2015)
- ZTE ZXHN H108L - Authentication Bypass
- D-Link DSL-2730B Modem - XSS Injection Stored Exploit Lancfg2get.cgi
- D-Link DSL-2730B Modem - XSS Injection Stored Exploit Wlsecrefresh.wl & Wlsecurity.wl(2015)
- D-Link DSL-2730B Modem - XSS Injection Stored Exploit DnsProxy.cmd
- D-Link Cookie Command Execution(2015)
- D-Link Devices HNAP SOAPAction-Header Command Execution(2015)
- 15 TOTOLINK Router Models - Multiple RCE Vulnerabilities(2015)
- TP-LINK WR842ND Remote Multiple SSID Directory Travesal Exploit(2013)
- ZyXEL Router P-660HN-T1A - Login Bypass(2014)
- D-Link DSR Router Series - Remote Root Shell Exploit(2013)
- D-Link DSL-2740B (ADSL Router) Authentication Bypass(2013)
- Mikrotik RouterOS sshd (ROSSSH) - Remote Preauth Heap Corruption(2013)
- D-Link info.cgi POST Request Buffer Overflow
- D-Link HNAP Request Remote Buffer Overflow
- D-Link hedwig.cgi Buffer Overflow in Cookie Header
- D-Link authentication.cgi Buffer Overflow
- D-Link Unauthenticated UPnP M-SEARCH Multicast Command Injection
- SAP Router - Timing Attack Password Disclosure(2014)
- Sercomm TCP/32674 Backdoor Reactivation
#Tools:
- rext
- rpef
- rebind
- binwalk
- wrt120n
- baudrate
- libmpsse
- asus-cmd
- Crippled
- Profiteer
- TCP-32764
- sasquatch
- littleblackbox
- firmware-mod-kit
#Websites:
#Donations:
- 17vorVqtJqbDaN6ZC6UGE7UwGC4QVmDNMh