DisguiseDelimit - Exploiting Synology NAS with Delimiters and Novel Tricks

DEFCONConference via YouTube

Overview

Learn how to exploit Synology Network Attached Storage (NAS) devices through delimiter smuggling techniques and novel remote Linux exploitation methods in this DEF CON 33 conference talk. Discover the development process behind a zero-day exploit that affected dozens of Synology NAS products, enabling unauthenticated root-level remote code execution on millions of devices in their default configuration. Explore the speaker's exploitation strategy that centers around smuggling different types of delimiters targeting multiple software components within NAS systems. Understand why traditional exploitation methods for this vulnerability class required additional primitives that weren't available on the target devices, and how this limitation led to the discovery of innovative attack vectors. Gain insights into a novel remote Linux exploitation technique that can be integrated into future exploit chains by security researchers. Examine the detailed vulnerability research methodology that earned recognition with a $40,000 prize at the October 2024 Pwn2Own competition, including the specific techniques used to identify and exploit weaknesses in network-edge devices that provide remote access to confidential files and internal networks from the public internet.

Syllabus

DEF CON 33 - DisguiseDelimit: Exploiting Synology NAS with Delimiters and Novel Tricks - Ryan Emmon

Taught by

DEFCONConference
