In November's meeting, Brendan Scarvell will present on the the vulnerabilities of an Android based VOIP video phone.
The Grandstream GXV3275 is an Android based VOIP video phone. Analysis of a phone running an early firmware version identified a wide variety of vulnerabilities, all leading to remote code execution as root. This presentation will walk through a range of vulnerabilities in the phone, discussing how they were discovered, and the ways in which they could be exploited to achieve RCE as root.
Brendan is currently a Product Security Engineer for IIX with a strong passion for security, specialising in web applications and have successfully been rewarded bounties for Facebook and Yahoo.
In his spare time, he participates in bug bounty programs and volunteer as a Rural Fire Fighter and Surf Life Saver.
Time: 5:30pm for a 6pm start. Lifts to Level 1 will be locked after 6pm. Please arrive before then!
Close: Session is expected to be completed by 7:30pm.
Location: RedHat Office, Level 1, 193 North Quay, Brisbane (Entrance to the building is via Herschel St)