Today we’re going to learn how security researchers work. Jacob Holcomb is a principal researcher at Baltimore’s Independent Security Evaluators (ISE), where he’s worked on SOHOpelessly Broken, which discovered over 50 new 0-day vulnerabilities in network routers and served as the foundation for the first-ever router hacking contest at DEFCON in IoT Village.
He’s a penetration tester who has presented at BlackHat USA, BlackHat Europe, DEFCON, DerbyCon, BSidesDC, and many others. During this livestream, Holcomb will show us a now-patched vulnerability in the ASUS RT-N56U router. He’s going to exploit a stack-based buffer overflow to get full remote access. An attacker with a root shell on a router could man-in-the-middle internet traffic to steal credentials or monitor that traffic to setup more attacks on other targets in that router’s network.
Read full news article on Motherboard