Hacking Millions of Modems (and Investigating Who Hacked My Modem)

from blog Blog | Sam Curry, | ↗ original
Two years ago, something very strange happened to me while working from my home network. I was exploiting a blind XXE vulnerability that required an external HTTP server to smuggle out files, so I spun up an AWS box and ran a simple Python webserver to receive the traffic from the vulnerable server.