Linksys Velop WiFi 5 Hacking (CVE-2024-36821)

IoT hardware penetration testing / hacking against the Linksys Velop WiFi 5 (WHW01v1), version 1.1.13.202617 (issued on September 18, 2020).

Steps:

  • Disassembling
  • Extracting and analyzing the firmware
  • Get initial access
  • Escalate privileges to root

Equipment:

  • Waveshare USB to UART Debugger Module
  • CH341A 24 25 Series EEPROM Flash BIOS USB Programmer Module
  • USB Logic Analyzer Set Mini Digital Pocket Size 8 Channel

Time frames:

  • 00:10 – Intro
  • 01:00 – Legal announcement
  • 01:24 – Equipment
  • 02:57 – Disassembling
  • 08:58 – Disassembling deeply
  • 11:48 – Extracting the firmware
  • 18:18 – Analyzing the firmware
  • 23:50 – Assemble back
  • 26:57 – UART wires connection
  • 44:27 – UART login
  • 49:49 – Get in and enumeration
  • 55:10 – Privilege escalation
  • 01:02:08 – Get root access
  • 01:09:56 – Wrapping up