Blog Category: vulnerability research

Pulling MikroTik into the Limelight

A detailed overview of the "Pulling MikroTik into the Limelight" talk as presented by Harrison Green and Ian Dupont at REcon 2022. This post expounds key concepts regarding the internal workings of MikroTik's customized operating system, RouterOS, and provides tools to accelerate individual research into these routers. This includes a reliable process for rooting RouterOS virtual machines, unique visualizations of router IPC, custom scripts that implement hand-rolled crypto, and a novel jailbreak POC that pops a shell on any v6 MikroTik device.

MikroTik Authentication Revealed

MikroTik altered its router authentication protocol in 2019, a change which frustrated developers, system admins, and researchers whose customized tooling is now broken. Our team at Margin Research successfully reverse engineered the new process, and we are excited to share protocol details. This blog post outlines the cryptographic steps and offers proof of concept programs to demonstrate the new protocol.

Hardware Hacking For Software Hackers

This blog post will help anyone who is trying to do vulnerability research and/or exploit development on a physical device, and who does not have a debugging setup, shell, or firmware! Or, better put: let's get you some root shells without the hassle of finding a 0-day!

Remote Android Debugging

Remote Android debugging across the planet using Frida.