One Million ASUS Routers Under Control: Exploiting ASUS DDNS to MITM Admin Credentials

Sdílet
Vložit
  • čas přidán 15. 05. 2024
  • ...Notably, ASUS routers - of which around one million are exposed to the internet via port 8443/tcp (Shodan query: port:8443 os:"ASUSWRT") - display a distinct susceptibility. Investigation reveals the user-friendly "ASUS Router App" inadvertently alters router settings, making them accessible online.
    Our research discovered that these routers, whether intended or not, configured via ASUS's DDNS, are susceptible to a man-in-the-middle (MITM) attack, which we identified, enabling the theft of admin credentials...
    By: Masaki Kubo , Yoshiki Mori , Kanta Okugawa
    Full Abstract and Presentation Materials:
    www.blackhat.com/eu-23/briefi...

Komentáře •

Další v pořadí
Automatické přehrávání
Off The Record - Weaponizing DHCP DNS Dynamic Updates39:50Off The Record - Weaponizing DHCP DNS Dynamic Updates
Off The Record - Weaponizing DHCP DNS Dynamic UpdatesBlack Hat
zhlédnutí 1,6K
New Techniques for Split-Second DNS Rebinding31:20New Techniques for Split-Second DNS Rebinding
New Techniques for Split-Second DNS RebindingBlack Hat
zhlédnutí 1,3K
Hackers Hide with Clever Alternate Data Streams38:39Hackers Hide with Clever Alternate Data Streams
Hackers Hide with Clever Alternate Data StreamsJohn Hammond
zhlédnutí 75K
Jan Bendig ft. Vanesa Horáková - TU TU TU (Official video)03:50Jan Bendig ft. Vanesa Horáková - TU TU TU (Official video)
Jan Bendig ft. Vanesa Horáková - TU TU TU (Official video)JanBendigOfficial
zhlédnutí 289K
Arianka: “Mami, tady prodávají tátu!” 😁😂 #tarydrink je v obchodech TAMDA FOODS!00:36Arianka: “Mami, tady prodávají tátu!” 😁😂 #tarydrink je v obchodech TAMDA FOODS!
Arianka: “Mami, tady prodávají tátu!” 😁😂 #tarydrink je v obchodech TAMDA FOODS!Tary
zhlédnutí 520K
PROČ MI INSTAGRAM FURT UKAZUJE KVĚTÁK? 😳 - Insta Bašta #1100:54PROČ MI INSTAGRAM FURT UKAZUJE KVĚTÁK? 😳 - Insta Bašta #11
PROČ MI INSTAGRAM FURT UKAZUJE KVĚTÁK? 😳 - Insta Bašta #11AtiShow
zhlédnutí 288K
STRAŠIDELNÝ MEDVÍDEK PÚ SE VRACÍ!47:55STRAŠIDELNÝ MEDVÍDEK PÚ SE VRACÍ!
STRAŠIDELNÝ MEDVÍDEK PÚ SE VRACÍ!Vidrail
zhlédnutí 131K
The Black Hat Europe Network Operations Center (NOC) Report38:03The Black Hat Europe Network Operations Center (NOC) Report
The Black Hat Europe Network Operations Center (NOC) ReportBlack Hat
zhlédnutí 964
I Can’t Believe These are Real - Reacting to Ridiculous PCs on Craigslist20:53I Can’t Believe These are Real - Reacting to Ridiculous PCs on Craigslist
I Can’t Believe These are Real - Reacting to Ridiculous PCs on CraigslistLinus Tech Tips
zhlédnutí 1,6M
The Top 15 Network Protocols and Ports Explained // FTP, SSH, DNS, DHCP, HTTP, SMTP, TCP/IP28:04The Top 15 Network Protocols and Ports Explained // FTP, SSH, DNS, DHCP, HTTP, SMTP, TCP/IP
The Top 15 Network Protocols and Ports Explained // FTP, SSH, DNS, DHCP, HTTP, SMTP, TCP/IPChris Greer
zhlédnutí 80K
A World-View of IP Spoofing in L4 Volumetric DoS Attacks - and a Call to Enable BCP3828:23A World-View of IP Spoofing in L4 Volumetric DoS Attacks - and a Call to Enable BCP38
A World-View of IP Spoofing in L4 Volumetric DoS Attacks - and a Call to Enable BCP38Black Hat
zhlédnutí 964
Your PC Can Look Like THIS Now!13:18Your PC Can Look Like THIS Now!
Your PC Can Look Like THIS Now!Linus Tech Tips
zhlédnutí 306K
Something Rotten in the State of Data Centers40:27Something Rotten in the State of Data Centers
Something Rotten in the State of Data CentersBlack Hat
zhlédnutí 8K
Google IO 2024 Full Breakdown: Google is RELEVANT Again!27:35Google IO 2024 Full Breakdown: Google is RELEVANT Again!
Google IO 2024 Full Breakdown: Google is RELEVANT Again!Matthew Berman
zhlédnutí 47K
The Pool Party You Will Never Forget: New Process Injection Techniques Using Windows Thread Pools35:22The Pool Party You Will Never Forget: New Process Injection Techniques Using Windows Thread Pools
The Pool Party You Will Never Forget: New Process Injection Techniques Using Windows Thread PoolsBlack Hat
zhlédnutí 1,7K
What is a Protocol? (Deepdive)18:14What is a Protocol? (Deepdive)
What is a Protocol? (Deepdive)LiveOverflow
zhlédnutí 153K
I Did This And She Was AMAZED! 😱 #shorts00:17I Did This And She Was AMAZED! 😱 #shorts
I Did This And She Was AMAZED! 😱 #shortsWian
zhlédnutí 9M
Tady to vypadá na dlouhý rozhovor. 🙈 Zlepší se situace kolem Petra?00:28Tady to vypadá na dlouhý rozhovor. 🙈 Zlepší se situace kolem Petra?
Tady to vypadá na dlouhý rozhovor. 🙈 Zlepší se situace kolem Petra?FTV Prima
zhlédnutí 215K
Už si Znovu Nekoupím Fiziho Merch00:14Už si Znovu Nekoupím Fiziho Merch
Už si Znovu Nekoupím Fiziho MerchTaky Bige
zhlédnutí 390K
NEUDRŽÍŠ OČNÍ KONTAKT08:45NEUDRŽÍŠ OČNÍ KONTAKT
NEUDRŽÍŠ OČNÍ KONTAKTPROJEKT CREEP
zhlédnutí 84K
LOVE is BLIND but not this one 😍💍00:20LOVE is BLIND but not this one 😍💍
LOVE is BLIND but not this one 😍💍Victoria Pfeifer
zhlédnutí 3,4M
tattoo printer tutorial[제품단순선물]00:34tattoo printer tutorial[제품단순선물]
tattoo printer tutorial[제품단순선물]승비니 Seungbini
zhlédnutí 41M
Czn Burak En Güzel Bağ Sevgi Midir?01:01Czn Burak En Güzel Bağ Sevgi Midir?
Czn Burak En Güzel Bağ Sevgi Midir?Czn Burak
zhlédnutí 14M
Germans Grocery Shopping in the U.S.00:52Germans Grocery Shopping in the U.S.
Germans Grocery Shopping in the U.S.Calvin & Habs
zhlédnutí 8M