My Portfolio

Winbox Exploit - Remote Code Execution

Proof of Concept for the CVE-2018-14847 Winbox vulnerability, This allows a remote attack to read arbitrary files. In this project we try to obtain the '/flash/rw/store/user.dat' file which contains login details. The password 'hash' can be decoded to plain text.

C#Reverse Engneering
Disable AdBlocker