Explore a 40-minute conference talk from Ekoparty Security Conference that delves into the security challenges and vulnerabilities of Draytek routers. Learn how researchers reverse-engineered Draytek's firmware format after investigating a client compromise, developing essential tools for firmware extraction where none previously existed. Discover how the RTOS kernel's ability to load code modules dynamically can be exploited for persistent threats that survive firmware upgrades. Understand the process of crafting and uploading malicious modules for persistence, and examine the defensive solution developed to assess module integrity in memory. Gain valuable insights into the security implications for over 500,000 Internet-exposed Draytek routers globally, and access newly developed community tools for enhanced observability, hardening, and vulnerability research on these critical edge devices.
Crafting and Detecting Persistent Backdoors in Draytek Routers
Ekoparty Security Conference via YouTube
Overview
Syllabus
Crafting and Detecting Persistent Backdoors in Draytek Routers - Gastón Aznarez and Octavio Gianatiempo
Taught by
Ekoparty Security Conference