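• Security Analysis and Research: focused on analysing and researching the latest malware samples worldwide, tracking and dissecting in depth the underground industry chain behind them
  • Security Analysis and Research: following the latest attack techniques worldwide and promptly providing the latest, most valuable threat intelligence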

IoT Security Research: Learning Resources

Learning resources · pandazhengzheng · 11 months ago (11-01)

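With the growth of the Internet of Things, all kinds of smart IoT devices have appeared, mainly routers, cameras and smart home appliances. The Mirai botnet has been very prevalent in recent years, and dozens of different Mirai variant samples have already appeared. This post shares learning material on Mirai variant research, as well as on IoT reverse engineering and vulnerability research.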

MiraiSecurity

https://www.cdxy.me/?p=746

http://www.freebuf.com/articles/network/119403.html

https://pastebin.com/svH8tvd9

http://www.freebuf.com/sectool/130091.html

http://www.tuicool.com/articles/qM7rMnb

https://h4ckth4tsh1t.com/index.php?u=/topic/18/ggsetup-a-mirai-botnet

https://github.com/rootblack45/Mirai-Source-Modded

https://github.com/Screamfox/-Mirai-Iot-BotNet

https://github.com/geniosa/qbot

https://github.com/DavidOfficiel/botnet

https://superkieran.github.io/WooyunDrops/#!/drops/1165.WireShark%E9%BB%91%E5%AE%A2%E5%8F%91%E7%8E%B0%E4%B9%8B%E6%97%85%EF%BC%888%EF%BC%89%E2%80%94%E9%92%88%E5%AF%B9%E8%B7%AF%E7%94%B1%E5%99%A8%E7%9A%84Linux%E6%9C%A8%E9%A9%AC

https://superkieran.github.io/WooyunDrops/#!/drops/1138.Remaiten-%E4%B8%80%E4%B8%AA%E4%BB%A5%E8%B7%AF%E7%94%B1%E5%99%A8%E5%92%8CIoT%E8%AE%BE%E5%A4%87%E4%B8%BA%E7%9B%AE%E6%A0%87%E7%9A%84Linux%20bot

https://www.pnfsoftware.com/blog/automatic-identification-of-mirai-original-code/

New IoT/Linux Malware Targets DVRs, Forms Botnet
https://researchcenter.paloaltonetworks.com/2017/04/unit42-new-iotlinux-malware-targets-dvrs-forms-botnet/

http://blog.exploitlab.net/2018/01/dvar-damn-vulnerable-arm-router.html

https://mirai.badpackets.net/

DNS Server Configuration

http://www.imooc.com/learn/634

http://blog.csdn.net/bluecy/article/details/44907215

https://www.youtube.com/watch?v=riGz7gBXCKc

https://www.youtube.com/watch?v=pAJNB1d3DzE

https://www.youtube.com/watch?v=DuVNclBfykw

Honeypot

http://www.nothink.org

http://www.iexplo1t.com/2016/05/Honeypot.html

https://github.com/paralax/awesome-honeypots

https://check-host.net

ARM Exploit Development

https://azeria-labs.com/writing-arm-shellcode/
https://azeria-labs.com/process-memory-and-memory-corruption/
https://azeria-labs.com/part-3-stack-overflow-challenges/

Virtual Machine Setup

https://app.vagrantup.com/boxes/search

Cross-Compilation Virtual Machine

http://kozos.jp/vmimage/burning-asm.html

Firmware Analysis Articles

Security IP Camera firmware analysis http://www.bugsec.org/3749.html

Incident tracking: analysis of a Belkin router 0-day overflow vulnerability http://www.bugsec.org/6983.html

Part 1: Hacking HI3518 based IP camera https://felipe.astroza.cl/hacking-hi3518-based-ip-camera/?utm_source=tuicool&utm_medium=referral

Pwning CCTV cameras https://www.pentestpartners.com/security-blog/pwning-cctv-cameras/

On wireless router backdoors (1): D-Link http://www.freebuf.com/articles/wireless/18810.html

REVERSING AND EXPLOITING BLE 4.0 COMMUNICATION http://payatu.com/reversing-exploiting-ble-4-0-communication/

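First experience with IoT device program development and build environment setup http://www.freebuf.com/sectool/130091.html

Notes from an analysis of D-Link router firmware http://bbs.pediy.com/thread-209773.htm

Hacking the Virgin Media Super Hub http://bobao.360.cn/learning/detail/4048.html

XXE vulnerability found in Hikvision network camera remote access http://www.2cto.com/article/201610/553158.html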

An easy way to pwn most of the vivotek network cameras https://blog.cal1.cn/post/An%20easy%20way%20to%20pwn%20most%20of%20the%20vivotek%20network%20cameras

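Analysis of the TP-Link WR841N router arbitrary code execution vulnerability http://bobao.360.cn/learning/detail/4008.html

How to attack an IP camera and set up an analysis environment? http://www.tuicool.com/articles/qM7rMnb

[Tech share] IoT device security analysis: network cameras http://bobao.360.cn/learning/detail/3269.html

[Tech share] Notes on smart home device security analysis http://bobao.360.cn/learning/detail/3270.html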

Collection of modifications for the XiaoFang WiFi Camera https://github.com/samtap/fang-hacks

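Analysis of TheMoon, a P2P botnet program infecting ASUS routers http://www.freebuf.com/articles/terminal/117437.html

Decrypting the "Zhikui" attack campaign: analysis report on a router worm attack https://security.alibaba.com/blog/blog.htm?spm=0.0.0.0.mO6T6P&id=26

Analysis of the Hikvision remote system XXE vulnerability found by a foreign hacker http://www.freebuf.com/vuls/116613.html

Weak-password vulnerability in large numbers of Zhejiang Dahua surveillance devices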
http://bbs.pediy.com/thread-201337.htm

Security vulnerability in Dahua cameras: hackers can remotely monitor your camera http://bobao.360.cn/news/detail/1388.html

A hacker's daily routine: hacking network cameras (Part 1) http://www.freebuf.com/articles/wireless/81985.html

Burglar and Hacker – When Physical Security Is Compromised by IoT Vulnerabilities
http://dojo.bullguard.com/blog/burglar-hacker-when-a-physical-security-is-compromised-by-iot-vulnerabilities/

Exploit Cameras https://www.lynahex.com/index.php/archives/exploit-cameras.html

Vulnerability analysis of a CCTV camera
https://superkieran.github.io/WooyunDrops/#!/drops/1042.%E6%9F%90CCTV%E6%91%84%E5%83%8F%E5%A4%B4%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90

Hacking Smartwatches – the TomTom Runner, part 1 http://grangeia.io/2015/11/09/hacking-tomtom-runner-pt1/

IP Camera firmware analysis
https://superkieran.github.io/WooyunDrops/#!/drops/329.%E5%AE%89%E9%98%B2IP%20Camera%E5%9B%BA%E4%BB%B6%E5%88%86%E6%9E%90

Devil’s Ivy: The Technical Details http://blog.senr.io/devilsivy.html

Hacking the D-Link DIR-890L
http://www.devttys0.com/2015/04/hacking-the-d-link-dir-890l/

Samsung SmartCam https://www.exploitee.rs/index.php/Samsung_SmartCam%E2%80%8B

Exploiting IoT enabled BLE smart bulb security
https://www.peerlyst.com/posts/exploiting-iot-enabled-ble-smart-bulb-security-aditya-gupta

Penetration testing network cameras with ZoomEye
http://simeon.blog.51cto.com/18680/1744228

REVERSE ENGINEERING A BLE SERVICE TO CONTROL A LIGHT BULB https://iayanpahwa.github.io/Reverse-Engineering-IoT-Devices/

Walkthrough of a GPS hijacking experiment with HackRF http://www.freebuf.com/articles/terminal/144296.html

Multiple vulnerabilities found in Wireless IP Camera (P2P) WIFICAM cameras and vulnerabilities in custom http server
https://pierrekim.github.io/blog/2017-03-08-camera-goahead-0day.html

Reverse engineering a home security system: decoding firmware updates https://markclayton.github.io/reverse-engineering-my-home-security-system-decompiling-firmware-updates.html

FIRMWARE EXPLOITATION WITH JEB: PART 1
https://www.pnfsoftware.com/blog/firmware-exploitation-with-jeb-part-1/

FIRMWARE EXPLOITATION WITH JEB: PART 2 https://www.pnfsoftware.com/blog/firmware-exploitation-with-jeb-part-2/

Getting Started with Damn Vulnerable Router Firmware (DVRF) v0.1
https://p16.praetorian.com/blog/getting-started-with-damn-vulnerable-router-firmware-dvrf-v0.1
https://github.com/praetorian-inc/DVRF

SOHO router attacks revisited (vulnerability hunting across multiple routers)
http://www.sicherheitsforschung-magdeburg.de/uploads/journal/MJS_054_Rueda_SOHORouter.pdf

D-Link DIR-850L remote command execution vulnerability
https://xianzhi.aliyun.com/forum/read/2010.html

TEW-654TR router vulnerability analysis and discovery
http://www.freebuf.com/vuls/126766.html

From an intranet weak password to an Internet-facing smart router
http://www.freebuf.com/vuls/125271.html

A penetration test of a router
http://www.freebuf.com/articles/terminal/124069.html

D-Link router firmware backdoor leading to intranet DNS hijacking
http://www.freebuf.com/articles/terminal/113487.html

Geek hacking: step-by-step rooting of the Google OnHub router
http://www.freebuf.com/news/topnews/82147.html

RouterSploit: router vulnerability detection and exploitation framework
http://www.freebuf.com/sectool/101441.html

Tool recommendation: Scanner Routerhunter, a router vulnerability scanner
http://www.freebuf.com/sectool/101180.html

Tech share: reverse engineering Huawei routers
http://www.freebuf.com/news/topnews/101852.html
http://www.freebuf.com/geek/103551.html
http://www.freebuf.com/geek/105617.html

Router firmware security analysis techniques
https://www.vulbox.com/knowledge/detail/?id=35
https://www.vulbox.com/knowledge/detail/?id=42

Analysis of numerous high-risk vulnerabilities in BHU routers
http://www.freebuf.com/news/112626.html

Reversing router firmware: unpacking (Part 1)
http://www.freebuf.com/sectool/75915.html

Reversing router firmware: sensitive information disclosure (Part 2)
http://www.freebuf.com/articles/terminal/76481.html

Reversing router firmware: SQL injection (Part 3)
http://www.freebuf.com/vuls/76755.html

Remote code execution exploit for the router driver component NetUSB (CVE-2015-3036)
http://www.freebuf.com/vuls/81773.html

Multiple vulnerabilities disclosed in Huawei WiMAX routers
http://www.freebuf.com/articles/terminal/87957.html

Detailed analysis of a MIPS-architecture Linux trojan targeting routers
http://www.freebuf.com/articles/network/88798.html

Hidden backdoor in ZTE SOHO routers
http://www.freebuf.com/news/58137.html

CSRF vulnerability in TP-Link TL-WR840N series routers allows arbitrary configuration changes (with PoC test procedure)
http://www.freebuf.com/vuls/56526.html

Remote command execution vulnerability disclosed in ASUS routers
http://www.freebuf.com/news/56074.html

A foreign router password scanning tool
http://www.freebuf.com/sectool/31680.html#

NetGear routers allow root access via command injection [exploit included]
http://www.freebuf.com/articles/wireless/15641.html

How I decompiled D-Link router firmware and found its backdoor
http://www.freebuf.com/articles/wireless/14964.html

Tools to know: hardware and router related
https://mp.weixin.qq.com/s/QdiI66ZDsHj7MaMB6c88Ug

A site dedicated to collecting materials from major information security conferences
https://infocon.org/cons/

Reverse Engineering & Exploitation of a “Connected Alarm Clock”
https://courk.fr/index.php/2017/09/10/reverse-engineering-exploitation-connected-clock/

How I opened the garage door: manual ASK/OOK decoding and replay
http://www.freebuf.com/articles/wireless/146781.html

IOT SECURITY – PART 1 (101 – IOT INTRODUCTION AND ARCHITECTURE)
http://payatu.com/iot-security-part-1-101-iot-introduction-architecture/
http://payatu.com/iot-security-part-2-101-iot-attack-surface/

ARM exploitation for IoT – Episode 1
https://quequero.org/2017/07/arm-exploitation-iot-episode-1/
ARM exploitation for IoT – Episode 2
https://quequero.org/2017/09/arm-exploitation-iot-episode-2/

Reverse Engineering the OBi200 Google Voice Appliance
https://randywestergren.com/reverse-engineering-obi200-google-voice-appliance-part-1/
https://randywestergren.com/reverse-engineering-obi200-google-voice-appliance-part-2/

Enlarge your botnet with: top D-Link routers (DIR8xx D-Link routers cruisin’ for a bruisin’) https://embedi.com/blog/enlarge-your-botnet-top-d-link-routers-dir8xx-d-link-routers-cruisin-bruisin

Exploiting Embedded Systems – Part 1
http://www.devttys0.com/2011/09/exploiting-embedded-systems-part-1/

Security analysis of Internet-connected smart light bulbs
https://www.contextis.com/blog/hacking-into-internet-connected-light-bulbs

How I found a TP-Link router remote code execution step by step (CVE-2017-13772)
https://www.fidusinfosec.com/tp-link-remote-code-execution-cve-2017-13772/

Multiple security vulnerabilities disclosed in ZTE ZXR10 routers
https://blogs.securiteam.com/index.php/archives/3495

[Tech share] Can smart door locks get "cancer" too? How to defeat a Bluetooth door lock with a phone
http://bobao.360.cn/learning/detail/4614.html

ARM exploits https://quequero.org/2017/07/arm-exploitation-iot-episode-1/

NBotLoader: Netgear Bug Weaponized as a Dangerous Exploit
https://blog.newskysecurity.com/nbotloader-netgear-bug-weaponized-as-a-dangerous-exploit-ea7869217e89

How to automatically scan for high-risk devices with the Shodan API and Python
http://www.4hou.com/web/8803.html

Learning router vulnerability analysis through CVE-2017-17215, from getting started to giving up
http://www.freebuf.com/vuls/160040.html

hack ble https://smartlockpicking.com/hackmelock/

A first look at BLE security: HACKMELOCK
https://larry.ngrep.me/2018/11/24/ble-sec-hackmelock/

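IoT analysis | Router vulnerabilities keep surfacing, new Mirai variants arrive https://www.anquanke.com/post/id/166645

Seen, therefore found: QBotVariant refuses to bow out https://www.anquanke.com/post/id/164230

Collection of router vulnerability analyses (PAGalaxyLab)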
https://github.com/PAGalaxyLab/VulInfo

IoT security study notes, part 1: MIPS assembly language basics
https://www.anquanke.com/post/id/162992
IoT security study notes, part 2: a first try
https://www.anquanke.com/post/id/166821

Anonymous IoT botnets over UPnP
https://www.anquanke.com/post/id/167058

IoT security in plain language (1): what is IoT information security
https://www.freebuf.com/column/191098.html

IoT security in plain language (2): IoT security testing
https://www.freebuf.com/articles/wireless/191065.html

IoT security in plain language (3): security defenses for IoT devices
https://www.freebuf.com/articles/wireless/192086.html

Smart lock attack and defense, part 1: a first look
https://mp.weixin.qq.com/s/LrAQoApOrEdcrJh6BaMOaw

Analysis of the Linux.Omni IoT malware
https://www.freebuf.com/articles/ics-articles/192066.html

A practical guide to Bluetooth Low Energy attacks
https://www.anquanke.com/post/id/168116

Introduction to firmware analysis methods for VxWorks-based embedded devices
https://mp.weixin.qq.com/s/lDZWjgAoJmD141ppd8DjgA

Analysis of the TP-Link TL-R600VPN remote code execution vulnerability
https://www.anquanke.com/post/id/169793

Bug hunting experience | How I found multiple high-risk D-Link vulnerabilities https://www.freebuf.com/vuls/195309.html

Smart camera security analysis and case references
https://www.freebuf.com/articles/terminal/203311.html

Reversing Firmware- How does that work?
http://1585security.com/Firmware-Reversing-1/

The road in security is long; what matters is persistence…


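Security Analysis and Research, all rights reserved | Original content unless otherwise noted | This site is licensed under the BY-NC-SA license
When reposting, please cite the original link: IoT Security Research: Learning Resources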

2 comments
  1. Nice, thanks for the hard work
    Timelife 2019-11-02 08:44