When: Tue December 13, 2011 07:30 PM to 09:00 PM
Speaker: Kyle Rankin
Location: O'Reilly Media
While it is fun to learn how to hack, sometimes it’s tough to practice your skills without breaking any laws. It turns out if you have any consumer devices on your local network, you already have everything you need to practice penetration testing. In this talk I will discuss my experience with the Dlink DIR-685 Wireless N router and how with just a few basic skills I was able to find multiple exploits, including one that gave me root, all through the web interface. As I describe the attacks I’ll demonstrate the exploits with a live demo. If you’ve ever wanted to get started with penetration testing of web services, this talk with introduce you to some basic concepts you can apply to all sorts of poorly-coded PHP sites. If you are interested in how to root consumer devices that don’t already have special firmware, this talk will give you some pointers on how to break in via the web interface.