{"id":9205,"date":"2013-01-31T16:17:07","date_gmt":"2013-01-31T22:17:07","guid":{"rendered":"http:\/\/bucktownbell.com\/?p=9205"},"modified":"2013-03-13T10:29:58","modified_gmt":"2013-03-13T15:29:58","slug":"belkin-wemo-remote-shell-and-rapid-state-change-exploit","status":"publish","type":"post","link":"http:\/\/bucktownbell.com\/?p=9205","title":{"rendered":"Belkin WeMo remote shell and rapid state change exploit"},"content":{"rendered":"<blockquote>\n<p id=\"watch-uploader-info\"><strong>Published on <span class=\"watch-video-date\" id=\"eow-date\">Jan 29, 2013<\/span> <\/strong><\/p>\n<p>Belkin WeMo with latest firmware. Able to gain full root access and send commands including changing the state of connected device via flaw in UPnP implementation. Chose a small desk lamp and simple on\/off sequence due to safety concerns. Real world this could be a fan or space heater and rapidly turn on\/off without limitation. Updates with PoC soon to come.<\/p><\/blockquote>\n<p>via <a href=\"http:\/\/www.youtube.com\/watch?v=BcW2q0aHOFo\">Belkin WeMo remote shell and rapid state change exploit &#8211; YouTube<\/a>.<\/p>\n<p>Stuff like this amazes me.\u00a0 Again.\u00a0 Just because you can put an IP stack on something doesn&#8217;t mean you should!\u00a0 Below is a video showing how to break into this device that simply controls an electric outlet.\u00a0 He uses <a href=\"www.backtrack-linux.org\/\">Backtrack 5<\/a> to break in.\u00a0\u00a0 Backtrack is a very useful set of security research tools.\u00a0 The video inspires me to fire up my copy and break into something.\u00a0 \ud83d\ude42<\/p>\n<p><object width=\"425\" height=\"350\" classid=\"clsid:d27cdb6e-ae6d-11cf-96b8-444553540000\" codebase=\"http:\/\/download.macromedia.com\/pub\/shockwave\/cabs\/flash\/swflash.cab#version=6,0,40,0\"><param name=\"wmode\" value=\"transparent\" \/><param name=\"src\" value=\"http:\/\/www.youtube.com\/v\/BcW2q0aHOFo\" \/><embed width=\"425\" height=\"350\" 
type=\"application\/x-shockwave-flash\" src=\"http:\/\/www.youtube.com\/v\/BcW2q0aHOFo\" wmode=\"transparent\" \/><\/object><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Published on Jan 29, 2013 Belkin WeMo with latest firmware. Able to gain full root access and send commands including changing the state of connected device via flaw in UPnP implementation. Chose a small desk lamp and simple on\/off sequence &hellip; <a href=\"http:\/\/bucktownbell.com\/?p=9205\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[110],"tags":[1069,427,698],"class_list":["post-9205","post","type-post","status-publish","format-standard","hentry","category-networking","tag-backtrack","tag-exploit","tag-security-research"],"_links":{"self":[{"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/posts\/9205","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=9205"}],"version-history":[{"count":1,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/posts\/9205\/revisions"}],"predecessor-version":[{"id":9504,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/posts\/9205\/revisions\/9504"}],"wp:attachment":[{"href":"http:\/\/bucktownbell.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=9205"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=9205"},{"taxonomy":"post_tag","embed
dable":true,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=9205"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}