A Brief Update To The Original Post on ZKSoftware ZEM500 Authentication Bypass
First things first, I am now on a sabbatical, pursuing alternate avenues for pleasure, not profit... I am semi-retired from security on my own terms... ;)
Username & Password for the device was "root:solokey" in 2013...
believe that in addition to getting root, you could play with firmware,
packets and the device's OS (busybox) if you are inclined to explore
every filetype including elf, bat and sh files for getting a better
understanding. You could ALSO use tftp / ftp, ssh or
telnet to upload and download files (for reverse engineering the elf
files). Firmware for the device comes in gzip or tgz (tarred-gzip)
I am NOT very sure or updated on the vulnerability as such. It may have
been reported and fixed by now (I saw THIS in 2013) - I could be wrong,
too... Since some vendors don't fix the vulnerabilities quickly.
Good luck playing with the device!