Denis Makrushin

0day

30/11/16 |Blog # , , ,

0day vulnerability in Tor Browser

0 likes no responses
Twitter

One more backdoor in D-Link DIR-620 (RevG) #CVE201812676
As I mentioned, #CVE201812677 exposures a config-file. I found there the strange account with “support<substring>”. The creds for web-dashboard are hardcoded for ISP support purposes.
Update and restore to factory settings

Thank you #ISCR2018 for the opportunity to share an expertise with the high-motivated audience. Probably, it will change something in their way of thinking. Anyway, the gift from Tokyo Cybercrimes Control Division gives me hope.

Next week at Seoul I will present at "International Symposium on Cybercrime Response" the following topic: “Tracking Cybercrime in IoThreat Era”. Within the presentation I will focus on IoT-related issues on perimeter, how to identify them and how to mislead the attacker.

New vulnerabilities in D-Link DIR-620 (RevG).
#CVE201812677 exposes all user credentials in config-file (plaintext) inside the firmware. It wouldn’t be so critical if part of the file was not stored in JS-variable, that available for unauthenticated user (#CVE201812419).

Tiesto, Aphrodite, SubFocus and... Denis. Still about #cybersecurity in Technology track. In case of emergency will sing something. #alfafuturepeople #AFP2018

Recent Comments
- Sergey to Погружение в даркнет: Снифаем выходную ноду Tor и анализируем получившийся контент
лучше заходиииииииить через тор онлайн http://torproject.online/,...
- Denis Makrushin to The problems of heterogeneous means of protection
Of course!...
- K. Olbert to The problems of heterogeneous means of protection
Insightful diagram, Denis. Would you mind if I use it in a presentation, with credit, of course?...