Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Crafting and Detecting Persistent Backdoors in Draytek Routers

Ekoparty Security Conference via YouTube

Overview

Explore a 40-minute conference talk from Ekoparty Security Conference that delves into the security challenges and vulnerabilities of Draytek routers. Learn how researchers reverse-engineered Draytek's firmware format after investigating a client compromise, developing essential tools for firmware extraction where none previously existed. Discover how the RTOS kernel's ability to load code modules dynamically can be exploited for persistent threats that survive firmware upgrades. Understand the process of crafting and uploading malicious modules for persistence, and examine the defensive solution developed to assess module integrity in memory. Gain valuable insights into the security implications for over 500,000 Internet-exposed Draytek routers globally, and access newly developed community tools for enhanced observability, hardening, and vulnerability research on these critical edge devices.

Syllabus

Crafting and Detecting Persistent Backdoors in Draytek Routers- Gastón Aznarez y Octavio Gianatiempo

Taught by

Ekoparty Security Conference

Reviews

Start your review of Crafting and Detecting Persistent Backdoors in Draytek Routers

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.