Giters

reillychase / IoT-Hacking-DNS-Hijacking-Firmware-Upgrade-PoC

A PoC for upgrading firmware via DNS hijacking on a Momentum IP camera

Repository from Github https://github.comreillychase/IoT-Hacking-DNS-Hijacking-Firmware-Upgrade-PoCRepository from Github https://github.comreillychase/IoT-Hacking-DNS-Hijacking-Firmware-Upgrade-PoC

CVE-2018-12257 IoT-Hacking-DNS-Hijacking-Firmware-Upgrade-PoC

A PoC for upgrading firmware via DNS hijacking on a Momentum IP camera

It is possible to upgrade the firmware on Momentum IP camera by changing /etc/resolv.conf to the attacker's DNS server, then hosting this https-server.py page with firmware upgrade instructions.

For more information see https://rchase.com/downloads/momentum-iot-penetration-test-report.pdf

About

A PoC for upgrading firmware via DNS hijacking on a Momentum IP camera

License:GNU General Public License v3.0

Languages

Language:Python 65.5%Language:HTML 34.5%