Realtek eCos SDK SIP ALG buffer overflow
A bug in a Realtek software development kit (SDK) means any third party devices with software that uses the SDK could inherit a vulnerability in their Session Initiation Protocol (SIP) implementations.
A bug in a Realtek software development kit (SDK) means any third party devices with software that uses the SDK could inherit a vulnerability in their Session Initiation Protocol (SIP) implementations.
We're releasing a custom Ghidra loader for Broadcom's ProgramStore firmware format.
This is a guest post by cq674350529 on searching (and finding) the correct load address of an eCos firmware image from Zyxel.
How to gain persistence with firmware implants on Broadcom eCos.
In this article I’ll explain how to craft shellcode that you can deliver as a second stage to a victim eCos device. I’m specifically covering the Broadcom variant of eCos here.
Methodology and corresponding techniques that you can use to exploit buffer overflows on the Broadcom variant of eCos.
In this post I’ll share tools, tips, and tricks to help you reverse engineer an eCos firmware image dumped from a Broadcom eCos BFC cable modem. I consider that you have an extracted firmware image with you and the latest version of Ghidra installed.
Let's reverse Broadcom's custom memory allocator for eCos.
Let's go over my methodology to reverse the memory layout used by eCos, and more specifically by the Broadcom variant of eCos.
Let's go through the different steps I followed when trying to understand interrupt and exception handling on eCos.
In this blog post we'll dive into jclehner’s bcm2-utils tools and perform the following steps. : dump an unknown bootloader with bcm2dump, reverse engineer specific sections of the booloader, write a device profile for bcm2dump, dump the NAND flash and extract the eCos firmware, and dump the SPI flash and analyze non-vol settings. From there, we will patch non-vol settings to enable console access, flash it and then adapt the console section of our initial bcm2dump profile.
ecos.wtf aims at documenting in a single place everything related to eCos platform security research.