Skip to content

Latest commit

 

History

History
 
 

otwhat-1

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
 
 
 
 
 
 
 
 
 
 

OTWhat 1

Category: Crypto

Difficulty: Easy

Author: nullableVoid*#7225

We found this exposed IoT thing. It doesn't do anything we can exploit, but there's a HTTP server that's meant for updating. We have a malicious update server at https://EVILCODE/, and any path can work with the update mechanism, but we don't have an OEM signature for it. Can you trick it into running our malware?