Explore a captivating DefCamp 2016 conference talk that delves into the intriguing world of urban hacking. Learn how a security researcher uncovered vulnerabilities in Tel Aviv's open WiFi system, following their journey from initial discovery to successful exploitation. Gain insights into the tools and techniques used, including Binwalk for firmware analysis and the process of unpacking initrd files. Discover multiple vulnerabilities in the cgibox.cgi file and understand how they were leveraged to create an exploit. Watch a live demonstration of the hack and reflect on the broader implications of urban infrastructure security. This 28-minute presentation offers valuable lessons for cybersecurity professionals, city planners, and anyone interested in the intersection of technology and urban environments.
Overview
Syllabus
Intro
ABOUT ME
I'm going to tell you a story
TEL-AVIV OPEN WIFI
Bad habit
So what is it?
Plan 1.0
BINWALK - Tutorial
unsquashfs-Izma
Dump Dump Dump
Checking for the right version
Unpacking the initrd
First vulnerability
Hello cgibox.cgi
cgibox.cgi – Attack surface
Vulnerability 2 & 3 - logging out
Exploit draft
bootdata2.bin
Demo
The Ukrainian hacker
Taught by
DefCamp
