LOL, TP-LINK. LMAO.
https://www.tp-link.com/us/support/faq/4464/
When a notification relating to low battery appears for a user with whom the device has been shared, tapping the notification grants full access to the power settings of that device.
@kajer @darfplatypus @cR0w @legacv Some Sandia National Labs people got mad about some of the shit soen and I pulled at tracerfire, lol.
Rooting someone's laptop to install nyanmbr was hilarious.
(yes, I fixed it)
@darfplatypus @cR0w @legacv During the first few years of OpenCTF at Defcon ~16ish we ran an open http server on our network full of linux ISOs. Stuff like Ubuntu Live images, KALI, etc, including the matching .MD5 and .SHA256 files
but these ISOs were all rootkitted with open SSH servers and pre-populated root credentials. We ran a server that these ISO images did reverse SSH tunnels to, so we had root on nearly every other team's laptops because they all booted off the live ISO we had provided them.
no points for this, just a lot of full screen shock images.
@darfplatypus @legacv I used to do this in my intro to security course with students. We'd start with easy stuff and then they'd download all sorts of weird shit like crock pot firmware, sous vide firmware, and of course cameras and routers. So much shit on the Internet.
@cR0w @legacv friend of mine and I won a contest at DefCon for backdooring a malicious update into a samsung IOT camera. literally just take firmware off the internet, slam a netcat shell in the init system as root, put it on a web share and DNS AITM to feed it a bad update.
@darfplatypus @legacv Damn your logic. I was just enjoying the thought of someone getting a popup, tapping it, and saying "I'm in" in a hacker voice. 😆
@cR0w @legacv Legacv if you ever get super bored and need an AppSec project, start downloading SOHO router firmware, then binwalk the filesystem out of it, then do security review of their web panels. I'm willing to bet within 10 you look at, you'll find something horribly wrong.
@legacv @cR0w I can only imagine that sharing notifications was a bolted-on capability and their auth flow doesn't account for that properly. So there's no sense of RBAC for the shared-with user and when they click it just lets them in like a fully auth'd user.
but that's me spitballing with literally zero research.
@cR0w how does this happen