Confidence

Michał Sajdak

Title: Remote rootshell on a SOHO router

Bio:
Owner: Securitum, a security consulting company.
Former Head of IT - WebService (Solidex Group).
Former Head of IT Security Department - WebService (Solidex Group).

Experienced in software and infrastructure security testing (mainly for the financial industry).
6 years of experience in software development and software security.

Abstract:
The presentation is divided into three parts:

  • A brief description of a few common security flaws in web servers and web management software used in SOHO-class routers.
  • Practical examples of the flaws (a mini lab will be shown during the presentation).
  • A real, live exploitation of a specific model of an ADSL+WIFI router.

The exploitation is based on a few flaws which, taken separately, are not very dangerous. Put together, however, they form a combination that allows gaining a remote root shell on the underlying OS of the router. The shell can be obtained from the Internet (WAN) side, regardless of the firewall and other security mechanisms implemented on the router.