Posted by Zach Cutlip on Nov 07

Part 14 of Broken, Abandoned and Forgotten Code is up. In this final
part, we finish discussing post-exploitation. This is really the most
open-ended phase of exploitation, and I discuss a number of creative
things you can do with your target, once compromised. For this post, I
keep it simple with a reverse-TCP root shell. I discuss building the
stage 2 firmware, then flattening it, so the stage 1 firmware can
download and flash it.

Also, this…