[Battlemesh] Exploit code on the wifi chip

Benjamin Henrion zoobab at gmail.com
Fri Apr 7 23:59:25 CEST 2017

On Apr 7, 2017 23:45, "Paul Fuxjaeger" <paul.fuxjaeger at gmx.at> wrote:

On 07/04/2017 22:14, Ben West wrote:
> The ars tech story points refers to this story by Google.
> https://googleprojectzero.blogspot.com/2017/04/over-air-

claims that:

"a vast amount of this research applies to other systems including the
same Wi-Fi SoCs"

"In the next blog post, we’ll see how we can use our assumed control of
the Wi-Fi SoC in order to further escalate our privileges into the
application processor, taking over the host’s operating system!"

uh oh.

Reminds me of a paper that tried to estimate "how many minutes it may
take for a baseband worm to spread over a large city", depending on the
current density of devices. Mind boggling stuff.

Will those worms install a proper mesh routing protocol while there at
it? :)

The OLPC had a marvel wifi chip that had its own routing table with its
aodv style routing proto.

And those chips got more powerful with the time.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://ml.ninux.org/pipermail/battlemesh/attachments/20170407/b93fae37/attachment-0001.html>

More information about the Battlemesh mailing list