Update TP-Link AC1750 Pwn2Own 2019 module #14365
|
I have requested a CVE number from MITRE for the bypass and will post here as soon as I get it. Otherwise, the module is good to go; as you can see, besides the check the changes are minimal, and I have tested in both A7 and C7 versions, old and new firmware. |
|
yello this is good to go! I promise I'll deal with #14206 straight after this :D |
@pedrib this looks OK to land.
Would you mind re-basing onto master and squashing it into single commit?
In theory I can do that for you...
|
@timwr I'm a git noob, how do I do that? |
|
On the command line: to squash all the commits into one. Alternatively you can just do: Then just force push: |
|
I think that's done? Hope I didn't destroy anything, let me know! |
|
Actually I think you just added 2 more commits rather than squashing the existing ones |
|
Jebus, what a noob... do you mind squashing it for me? I think some of your guys were able to do that before. |
|
I pushed it but now it shows us both in the commit, I hope that's OK. |
|
of course, thank you! |
|
Original Release notes: This PR updates the TP-Link AC1750 Pwn2Own Tokyo 2019 module to slightly modify the injection technique. |
Release Notes: Updated the |
This PR updates the TP-Link AC1750 Pwn2Own Tokyo 2019 module to slightly modify the injection technique.
The new modified technique allows bypass of a patch that TP-Link issued in early 2020. The vulnerability was discovered and intended to be used in Pwn2Own Tokyo 2020, but they smartened up and patched it (this time for good) just a few days ago in the latest firmware.
The module now works on both old and new firmware up to the patched version, and also improves firmware version detection for both the A7 and C7 routers.
For more details please see: https://github.com/pedrib/PoC/blob/master/advisories/Pwn2Own/Tokyo_2020/minesweeper.md