Frey

Frey

Red & Blue. Est 1998.
Vulnerability Research Hobbyist. Opinions are my own.

Posts by Category

RE

A Tale of FRP Bypass - Lenovo

This blog elucidates an issue encountered during the initialization of a newly acquired Lenovo device, obtained through a contact in the Netherlands (thanks Alex), featuring Factory Reset Protection (FRP). My interest was piqued by the challenge posed in activating the device. The commencement of this investigative process involved an in-depth exploration of FRP, its inherent functionalities, and its potential to enforce a stringent lockdown on the device in instances of theft or to restrict access, even following a complete restoration to factory settings. Disclaimer

Tearing the Fourth Wall : Breaking Zyxel Encryption

During a Web App Penetration Test assessment for a client, I came across a Zyxel ZyWall 310 Web Portal. At the time, I couldn’t exploit it nor could I find any weaknesses on it, but for some reason it stuck in my head, and I thought that I want to poke around and dissect the firmware. This blog describes my train of thought and how I approached it, and what techniques I applied to bypass the encryption mechanism of the stock firmware to get the uncompressed version of it. As far as I know, this topic has been analyzed in plenty of research papers already. Shout out to @jaylagorio and @Dr Amir Mehmood for the awesome research they’ve done so far.

Reversing ISP Router Firmware [Part 2]

It’s been a year since I have posted Part[ 1 ] of the Reverse Engineering series mainly because Iam in the military; oh well anyway, Part[ 2 ] will be focusing on emulating the firmware. We will be using some out of the box tools to make our lives and debugging easier. Note to the viewers Part[ 2 ] highlights the emulation therefore it’s assumed that every tool and firmware that is shown here is downloaded & installed.

Reversing ISP Router Firmware [Part 1]

A few days ago i decided that i want to reverse engineer one of my ISP’s routers, specifically the ZTE Router Models. Why would i do that? Well because it’s fun messing around with custom firmwares.

Back to Top ↑