O'Reilly logo

IoT Penetration Testing Cookbook by Aditya Gupta, Aaron Guzman

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

How to do it...

The process of finding command injectable pages within an embedded web application is rather trivial. The first places within an application we want to examine are diagnostic pages that make use of system commands, such as ping or traceroute, but also configuration setting pages for daemons, such as SMB, PPTP, or FTP. If we have acquired firmware or gained access to a target device's console, it's always best to statically analyze vulnerable scripts and functions that the device executes and validate potential findings discovered via dynamic analysis:

  1. Let's have a look at our target IP camera's configuration menu settings to pinpoint a potentially vulnerable page:
  1. There are not many pages to choose from, but we do see ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required