This write-up is a collaboration between Azeria and @b1ack0wl, who developed the exploit targeting a buffer overflow in the Belkin F9K1122v1, a MIPS device. The initial exploit can be found on exploit-db: Belkin F9K1122v1 1.00.30 – Buffer Overflow. The target device runs a Lexra-based MIPS chip that implements the MIPS-I instruction set, which differs from MIPS32 (which is based on MIPS-II).
Finding a vulnerability and getting shellcode to execute is a euphoric feeling, but have you ever had the target program crash afterwards? In this tutorial, we walk through the thought process of developing process continuation shellcode and integrating it into the existing exploit. The new exploit is then demonstrated after being turned into a working Metasploit module.
Table of Contents:
- What is process continuation?
- Root causing the bug
- Analyzing normal execution
- What is needed to resume execution?
- Developing the shellcode to patch memory
- Custom shellcode overview