GitHub - actuator/DEFCON-33: Hacking Hotspots: Pre-Auth Remote Code Execution, Arbitrary SMS & Adjacent Attacks on 5G & 4G/LTE Routers

Overview

Materials and references for my DEF CON 33 talk on exploiting vulnerabilities in Tuoshi and Kuwfi 5G & LTE Routers.

Covers CVE discoveries, exploitation demos, and lessons learned from vendor analysis.

Tuoshi (Dionlink): NR500-EA, LT15D, LT21B

Kuwfi: GC111, AC900, CPF908, 5G01-X55

Name		Name	Last commit message	Last commit date
Latest commit History 9 Commits
DC33.pdf		DC33.pdf
DEMO_1.mp4		DEMO_1.mp4
DEMO_2.mp4		DEMO_2.mp4
DEMO_3.mp4		DEMO_3.mp4
DEMO_4.mp4		DEMO_4.mp4
DEMO_5.mp4		DEMO_5.mp4
DEMO_6.mp4		DEMO_6.mp4
DEMO_7.mp4		DEMO_7.mp4
DEMO_8.mp4		DEMO_8.mp4
README.md		README.md
jhttpd-Model-NR500-EA-Firmware-RG500UEAABxCOMSLICv3-4-2731-16-43		jhttpd-Model-NR500-EA-Firmware-RG500UEAABxCOMSLICv3-4-2731-16-43
jhttpd-dionlink-M7628NNxlSPv2xUI_v1-0-1802-10-08_P4		jhttpd-dionlink-M7628NNxlSPv2xUI_v1-0-1802-10-08_P4
kthy_topsw_goahead_GC111-GL-LM321_V3.0_20191211		kthy_topsw_goahead_GC111-GL-LM321_V3.0_20191211