Crafting and Detecting Persistent Backdoors in Draytek Routers
Ekoparty Security Conference via YouTube
Overview
Explore a 40-minute conference talk from Ekoparty Security Conference that delves into the security challenges and vulnerabilities of Draytek routers. Learn how researchers reverse-engineered Draytek's firmware format after investigating a client compromise, developing essential tools for firmware extraction where none previously existed. Discover how the RTOS kernel's ability to load code modules dynamically can be exploited for persistent threats that survive firmware upgrades. Understand the process of crafting and uploading malicious modules for persistence, and examine the defensive solution developed to assess module integrity in memory. Gain valuable insights into the security implications for over 500,000 Internet-exposed Draytek routers globally, and access newly developed community tools for enhanced observability, hardening, and vulnerability research on these critical edge devices.
Syllabus
Crafting and Detecting Persistent Backdoors in Draytek Routers - Gastón Aznarez and Octavio Gianatiempo
Taught by
Ekoparty Security Conference