Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

I Hunt TR-069 Admins - Pwning ISPs Like a Boss

44CON Information Security Conference via YouTube

Overview

Explore the rising trend of residential gateway exploitation and the vulnerabilities in TR-069/CWMP, the de-facto CPE device management protocol, in this 33-minute conference talk from 44CON Information Security Conference. Delve into the previously under-researched Auto Configuration Server (ACS) software, which controls entire fleets of consumer premises devices for ISPs and Telco providers. Discover how compromising these servers can impact critical numbers of users. Examine several TR-069 ACS platforms, revealing instances of poorly secured deployments that could potentially grant control over hundreds of thousands of devices. Learn about exploits for vulnerabilities discovered in ACS software, including remote code execution on multiple platforms. Gain insights into the security landscape of SOHO routers and the potential risks associated with TR-069 protocol implementation.

Syllabus

I Hunt TR-069 Admins: Pwning ISPs Like a Boss - Presented By Shahar Tal

Taught by

44CON Information Security Conference

Reviews

Start your review of I Hunt TR-069 Admins - Pwning ISPs Like a Boss

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.