DNS Remote Code Execution: Finding the Vulnerability 👾 (Part 1)

Learn tricks and techniques like these, with us, in our amazing training courses!

In 2019 and 2020, we DOMINATED the router Wide Area Network or WAN category in the Pwn2Own hacker competition. In this category, hackers attack network devices with previously unknown vulnerabilities, from external networks such as the Internet. Unfortunately, by 2021 our competitors reverse engineered our techniques, and the game was up.

Today, we are starting a video series where we will show you our tips, tricks and techniques to find and exploit WAN vulnerabilities in network devices. And we’re starting with a beautiful DNS exploit that got us $20,000 in prizes. Let’s get ready to PWN!

In this video, we will tell you the story of how we found CVE-2020-10881 in the Pwn2Own Tokyo 2019 hacking competition and present our Game Plan for exploiting it :-)

00:00 - Intro
00:50 - WAN vs LAN
03:12 - Target Introduction and Recon
05:23 - Finding an Open Port and Fuzzing It
07:48 - Quick Look in Ghidra for Crash Investigation
10:38 - What is conn-indicator Doing?
12:30 - DNS Protocol
17:50 - A Deeper Look in Ghidra
20:33 - DNS Packet Parsing and the Vulnerability
24:51 - Radek’s Evil Game Plan
28:03 - Our Training

Did you enjoy this video? Then follow us on Twitter, and subscribe to our channel for more awesome hacking videos.

~ Flashback Team

Background track: “Hackers” by Karl Casey @WhiteBatAudio