Our presentation focuses on SOHO router security, specifically, exploiting router vulnerabilities to gain direct access to the internal WiFi network without having to crack encryption keys.

We discuss various methods of router reconnaissance, including some new tools that we’ve written specifically for this purpose, how to obtain WPA keys using simple HTML img tags, and how to own the WiFi network remotely using anti-DNS pinning attacks.

We even throw in some hardware hacks, describing how to implant a hardware backdoor into a router’s WPA encryption using nothing more than a stick of gum or a simple $8 circuit.

Download the slides here!