Journey to Command Injection - Hacking the Lenovo ix4-300d

Explore the process of chaining multiple vulnerabilities to fully compromise the Lenovo ix4-300d network attached storage (NAS) device in this 26-minute conference talk from Security BSides San Francisco. Discover how to combine command injection, cross-site scripting (XSS), and cross-site request forgery (CSRF) to create a remote exploit that requires minimal user interaction. Learn how an attacker can craft a malicious link that, when accessed by the victim, allows for the extraction of all information stored on the NAS and execution of arbitrary operating system commands. Follow the speaker's journey from identifying the initial command injection vulnerability to developing a sophisticated exploit that hijacks browser storage values, issues malicious requests, and ultimately opens a remotely accessible operating system shell on the compromised device.