DEF CON 22 I Hunt TR 069 Admins Pwning ISPs Like a Boss
Christopher Chance
cchance at newtechgrp.com
Fri Jan 16 18:34:28 EST 2015
Ahh yes custom regex vs using the builders much safer and in the end cleaner code too.
I had to make my self make the change in my .net apps too tho its a hard habbit to break :)
On Jan 16, 2015 5:10 PM, Zaid Abdulla <zaid at genieacs.com> wrote:
Hello,
I thought you guys might be interested in this TR-069 related talk:
https://www.youtube.com/watch?v=DlID0CH3j4M
In this talk Shahar and his team from Checkpoint Technologies researched
a few ACS systems looking for security vulnerabilities. GenieACS was one
of the systems they looked into and found a vulnerability. They were
kind to inform me before publishing their findings. This is the fix of
said vulnerability if anyone is curious:
https://github.com/zaidka/genieacs/commit/03f9a9e6289c18f3a9742d9737552d150294605d
Zaid
_______________________________________________
Users mailing list
Users at lists.genieacs.com
http://lists.genieacs.com/mailman/listinfo/users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.genieacs.com/pipermail/users/attachments/20150116/d0aaedbf/attachment.html>
More information about the Users
mailing list