Recently I had a Tablo Dual Lite OTA DVR appliance fall into my hands from a family member after its wireless started to act up. Doing what I do best, I decided to tear it apart and figure out how it works and in doing so found a few methods to gain root access into the stock firmware. One thing I did not expect to find, however, is an engineering backdoor that could be hijacked to provide an easy method for root access.
Continue readingTag Archives: exploit
Pwning/Rooting the Meraki MR18 – Again!
Here we go again, this time with a new way to root the Cisco Meraki MR18. Note that this method will ONLY work on the MR18, and I am not responsible for any damaged devices if you want to try this on something else as it will not work!
Pwning/rooting the Cisco Meraki MR18
If you haven’t noticed, in my spare time I really enjoy breaking into embedded devices for the fun of things. Over the past year, I have spent a ton of time rooting the Cisco Meraki MR18, and today I get the chance to publicly disclose my findings.
To start, let me note by saying I have properly disclosed this issue to Cisco Meraki months ago, but due to the fact they are no longer replying to my emails or honoring their own Bug Bounty, I have decided to publicly disclose this after waiting over 90 days since their last reply. Hopefully one of these days I will write up the process I used to find this “exploit”.
Securing PHP when using Virtualmin
Recently for a fun project, I decided to set up an automated shared web host to test my coding abilities. I decided to go with a simple name, similar to one of my other domains. I ended up with Chris Host It. Sure its cheesy and not very professional, but this is just a test project after all. The problem was the back end I went with didn’t secure PHP as well as I wanted it to by default, so I had to fix that up. So here is a quick guide on securing PHP when using Virtualmin.
Continue reading