I'm new-ish to the IoT hacking space, but have a pretty strong CS background and work as a software engineer. About a week ago I started reversing a ~$50 smart camera from a brand that does have a web page that describes their process for responsible disclosure.
I haven't finished yet, but so far I've discovered:
-
The root password is hashed, but used a hash algorithm so weak that my 8 year old i5 cracked it in 30s
-
A way that any device on the same network as it can get camera feed with no authentication
-
A way to "take a picture" on the camera from any device on the network and keep it
And I haven't finished reversing it, I'm sure there will be more.
I just had a few questions:
First, are any of those exploits actually worth a CVE? And how do you decide if something is or isn't? And then what is the process supposed to be for submitting a CVE vs submitting a report through the company's responsible disclosure email? Is one supposed to happen before the other, or would I tell the company and they handle the CVE side?
Thanks!
[link] [comments]
from hacking: security in practice https://ift.tt/0pTnLth
Comments
Post a Comment