DHCP exploitation with DynoRoot (CVE-2018-1111)
This video demonstrates a known vulnerability of Fedora and RedHat machines related to an unsafe client-side implementation of the Dynamic Host Configuration Protocol (DHCP). A rogue DHCP server can craft DHCP offers with a malicious payload that gets executed in a root shell on the victim machine. The vulnerability is credited to Felix Wilhelm and is known as CVE-2018-1111 or "DynoRoot". Felix: https://twitter.com/_fel1x CVE: https://access.redhat.com/security/vulnerabilities/3442151 Project: https://baldassarrefe.github.io/FEP3370-advanced-ethical-hacking/
This video demonstrates a known vulnerability of Fedora and RedHat machines related to an unsafe client-side implementation of the Dynamic Host Configuration Protocol (DHCP). A rogue DHCP server can craft DHCP offers with a malicious payload that gets executed in a root shell on the victim machine. The vulnerability is credited to Felix Wilhelm and is known as CVE-2018-1111 or "DynoRoot". Felix: https://twitter.com/_fel1x CVE: https://access.redhat.com/security/vulnerabilities/3442151 Project: https://baldassarrefe.github.io/FEP3370-advanced-ethical-hacking/