During Pwn2Own Ireland 2024, this exploit was submitted successfully against the Sonos Era 300. It targets a vulnerability in HLS (HTTP Live Streaming) playlist parsing.
The bug was assigned CVE-2025-1050. Advisories: ZDI, Sonos.
You can read about the details of the exploit in this blog post.
Note that the exploit requires the pwntools and soco Python packages (pip install pwntools soco) and targets version 16.4.2 (81.1-58074). Run it as python3 pwn-hls.py -i <interface_ip>, where <interface_ip> is the IP address of the throwing/attacker machine.