(June 23, 2022, 04:23 PM) jpx wrote: Although they're getting way less frequent than they used to be, I knew some people who were able to get backdoors for some network switches and SAN hardware (not the easy sysadmin/sysadmin stuff, but why the fuck does nobody change that?).
Any interest in building up something like that here?
I do a bit like this with routers. Those backdoors are usually in there from telco companies to push some updates or get information from those systems. A lot of the easier stuff is on cheap cameras, for example, where the manufacturer just doesn't think about one ever breaking into that thing with a JTAG or serial port.
A good start is to use binwalk, a JTAGulator, a Bus Pirate, and reverse engineering the software on there with Ghidra and take the Unix subsystem in general.
It's a lot of work.