Developing MIPS Exploits to Hack Routers

1. INTRODUCTION
2. PREPARING LAB
   2.1. Running Debian MIPS on QEMU
   2.2. Cross Compiling for MIPS (bonus section)
3. REVERSE ENGINEERING THE BINARY
   3.1. Obtaining The Target Binary
   3.2. Getting The Target Running
   3.3. Setting Up Remote Debugging
   3.4. Analysing The Vulnerability
4. WRITING THE EXPLOIT
   4.1. Restrictions and Solutions
   4.2. Finding a Proper ROP Chain
   4.2. MIPS Shellcoding
      4.2.1 Writing Fork Shellcode
      4.2.1 Writing Unlink Shellcode (bonus section)
5. CONCLUSION
6. References

Read more: https://www.exploit-db.com/docs/36806.pdf