Zyxel Backdoor & A Known Plaintext Attack

In this video I discuss a recent finding where an undocumented admin-user account was found in Zyxel security products, accessible over SSH and via the web. As such, I showcase a simple technique called a 'Known Plaintext Attack' which can help enable you to analyse this Zyxel device firmware. LINKS / BLOGS ============ https://www.zdnet.com/article/backdoor-account-discovered-in-more-than-100000-zyxel-firewalls-vpn-gateways/ https://www.zyxel.com/support/CVE-2020-29583.shtml https://www.eyecontrol.nl/blog/undocumented-user-account-in-zyxel-products.html https://math.ucr.edu/~mike/zipattacks.pdf https://portal.myzyxel.com/my/firmwares TOOLS ====== https://formulae.brew.sh/formula/pkcrack https://formulae.brew.sh/formula/squashfs https://github.com/cybercdh/hacks/blob/master/zyxel/zyxel.sh FOLLOW ====== You can join in the conversation by following me at https://twitter.com/cybercdh THANKS ======= If you LIKED this video, please hit the THUMBS UP. If you LOVED it, please SUBSCRIBE! Many thanks for watching, it means a lot. Peace out. ✌️ @cybercdh

• #science_technology
• #zyxel
• #malware
• #backdoor
• #firmware
• #known_plaintext_attack
• #kpa
• #zip_crack
• #pkcrack
• #password_crack