Explore a detailed security research presentation from DEF CON 32 where student researchers from Brigham Young University reveal their discovery of nine zero-day vulnerabilities in Vilo Living home routers. Learn about their comprehensive investigation process, starting with initial reconnaissance and progressing through hardware hacking, cloud infrastructure analysis, and firmware examination. Follow their journey of vulnerability discovery, including critical findings like stack overflows, authentication bypasses, and command injection vulnerabilities. Understand the challenges faced during vendor disclosure, CVE filing, and the broader implications for IoT security. Gain insights into the systematic approach used for discovering security flaws in consumer-grade networking equipment, from OSINT techniques and hardware analysis to cloud enumeration and firmware reverse engineering. Discover practical lessons about IoT device security, vendor responses to vulnerability disclosures, and potential areas for future security research in the IoT space.
Finding Zero-Day Vulnerabilities in Vilo Home Routers - Security Research Process and Discoveries
Overview
Syllabus
DEF CON 32 Finding 0days in Vilo Home Routers Justin Mott & Ava Petersen
Taught by
DEFCONConference
Related Courses
-
Inside Dash Cam Custom Protocols and Security Vulnerabilities
-
What to Expect When You're Exploiting - Zero-Day Vulnerabilities in Baby Monitors and Wi-Fi Cameras
-
Defeating ATM Disk Encryption - Security Vulnerabilities in Vynamic Security Suite
-
Generating Software Bill of Materials Through Hardware Hacking - A Case Study of Bob the Minion Router
-
Detecting Persistent Threats on Draytek Devices - Security Assessment and Mitigation Tools
