Exploiting Routers: Just Another TP-Link 0-Day

INTRODUCTION In this post, I will be discussing our recent finding (CVE-2018-16119) while conducting vulnerability research on a home router: TP-Link’s WR1043ND home WiFi router. This post is a walkthrough to the steps taken to identify the vulnerability and how it can be exploited to gain remote code execution in the device. THE DEVICE The […]

2FA Authentication

Behind the Scenes: Bypassing 2FA Authentication

So, you know what 2FA is, right? Well, the hard theory says: ‘Authentication is understood as the procedure to ensure that a person is who he claims to be’. DISCLAIMER: In this blogpost, SecSignal supposes that via different attack vectors, The Assessment Team already has the credentials

Who hit you? Hacking license plates

This case is about a traffic accident, the team it will use a random license plate for this post in explicative mode. The license plate to use will be JMO 089 The initial question? Is there a system that allows to request the data and status of a vehicle that is actually on the road? […]