Backdoor Lockpick

Explore the reverse engineering of a cryptographically locked backdoor installed on Phicomm routers in this Recon Conference talk. Discover how zero-day vulnerabilities were uncovered in the backdoor protocol's implementation and learn about a tool developed to exploit these vulnerabilities, granting backdoor access to any Phicomm router released since 2017. Gain insights into the security implications of these unpatched devices and understand the process of securing them through the very backdoor that poses a threat. Access the C code for the "backdoor lockpick" tool on GitHub, which provides an unauthenticated root shell on affected Phicomm routers, and learn about the ongoing Rust port of this tool for broader platform compatibility.

Recon2023 OliviaLoccaFraser BackdoorLockpick