PinnedGerry Gosselin @snafui@infosec.exchangeBug: Cisco IOS SNMPv3 ACL IssuesDue to an acknowledged bug, a small sampling of Cisco IOS and IOS XE routers are exposing SNMPv3 despite configured ACL rules.Jun 26, 2022Jun 26, 2022
Gerry Gosselin @snafui@infosec.exchangeRaspberry Pi GPIO Connections For Hardware Security ResearchI’ve been doing a bit of work recently using Raspberry Pis as SPI interfaces to dump flash chips for security research such as Zyxel…Jul 18, 2022Jul 18, 2022
Gerry Gosselin @snafui@infosec.exchangeIoT: Pro1 T701i Wifi Thermostat, Part 2IoT flash dump leads to a week of mapping, a little ghidra, and an answer to the question: “Can I do more than reboot remotely?”Jul 4, 2022Jul 4, 2022
Gerry Gosselin @snafui@infosec.exchangeIoT: Pro1 T701i Wifi ThermostatThe Pro1 T701iv1 thermostat: randomly freezes up, removes itself from wifi, leaks information like crazy, and you can reboot it with…Jun 29, 2022Jun 29, 2022
Gerry Gosselin @snafui@infosec.exchangeBug: Local Admin Certificate-based Authentication to WinRM on a Domain Joined ServerDuring Active Directory domain creation, certificate-based authentication to WinRM HTTPS remains.Jun 22, 2022Jun 22, 2022
Gerry Gosselin @snafui@infosec.exchangeProject: Zyxel GS1200–5, Part 2A javascript bug leads to a multi-year reverse engineering journey for an embedded device newb. Part two!Jun 19, 2022Jun 19, 2022
Gerry Gosselin @snafui@infosec.exchangeProject: Zyxel GS1200–5, Part 1A javascript bug leads to a multi-year reverse engineering journey for an embedded device newb.Jun 19, 2022Jun 19, 2022