SQL INJECTION TO MIPS OVERFLOWS: ROOTING SOHO ROUTERS

SQL INJECTION TO MIPS OVERFLOWS: ROOTING SOHO ROUTERS

This presentation details an approach by which SQL injection is used to exploit unexposed buffer overflows, yielding remote, root-level access to Netgear wireless routers. Additionally, the same SQL injection can be used to extract arbitrary files, including plain-text passwords, from the file systems of the routers. This presentation guides the audience through the vulnerability discovery and exploitation process, concluding with a live demonstration. In the course of describing several vulnerabilities, I present effective investigation and exploitation techniques of interest to anyone analyzing SOHO routers and other embedded devices.

Presented by