Skip to content
/ rom-0 Public

ROM-0 exploit ZyXEL file reversing resources

2 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

0BuRner/rom-0

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
README.md
README.md
 
 
ZyXEL-firmware-LZS.sources.zip
ZyXEL-firmware-LZS.sources.zip
 
 

Repository files navigation

ROM-0 exploit ZyXEL file reversing resources

Vulnerable URL

http://device.ip/rom-0

ROM file description

ROM file structure

  • [0x00000000 - MEMORY BLOCK]
  • [0x00002000 - FILE BLOCK]

Block structure

  • BYTE blocknumber
  • BYTE unknown
  • WORD nr of objects
  • DWORD blockLength
  • foreach object:
    • CHAR[14] objectname
    • DWORD uncompressed size
    • DWORD compressed size
    • DWORD offset to data from start of block
Compression algorithm

Lempel-Ziv-Stac (LZS)

File block

Contains "boot", "spt.dat" and "autoexec.net"

File spd.dat structure
  • DWORD Unclear (Load-addres?, Magic?, Endianness?)
  • WORD Major Version
  • WORD Minor version
  • DWORD Unclear (Chunks?)
  • until EOF:
    • WORD org_size
    • WORD raw_size
    • BYTE[raw_size] Compressed data

Links

About

ROM-0 exploit ZyXEL file reversing resources

Topics

exploit reversing rom-0 zyxel

Resources

Readme
Activity

Stars

2 stars

Watchers

2 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published