Exploiting with BadUSB / Digispark + meterpreter payload Here is a small guide on how to create a BadUSB – stick with a meterpreter payload to Linux. BadUSB can be a normal USB memory stick with a customized firmware that’ll have the computer to recognize the device as a keyboard. Because of this, the computer […]

TP-Link TL-SC3171G IP-camera r00t I have few of these and due to recent hackings of ip – cameras and IoT devices, I decided to take a look at my own cameras (that are behind NAT by the way)… It was an interesting thing to do some research on these devices and they were actually very […]

Lets go through an exploit module I built for Metasploit Framework. In a nutshell, the exploit contains only a couple of key elements – a HTTP Client and Server and a generated malicious payload. I needed an easy way to abuse a Remote Command Execution vulnerability. A full exploit module that would generate the selected payload […]

How to intercept and proxy HTTP(S) requests from a mobile device without having to root the device.

First post of the RoT Team Blog.