BSides Perth 2025

Luke Schmidt

Luke is a senior penetration tester with over five years of experience breaking into things professionally — from thick clients and mobile apps to infrastructure and external networks. Currently working in the financial sector, they’ve spent time across industries including health and resources, with past roles spanning everything from red teaming to compliance assessments.

They hold multiple certifications (OSWE, OSCP, CRTO, GMOB) and have been recognised in the Google Hall of Fame. Luke is an ECU alum with a background in Computer and Network Security and is a member of the GIAC Advisory Board.


Session

10-19, 13:45, 30min
Ghosts at the Gateway: 0-Days That Blind Routers and Invite APTs
Luke Schmidt

What started as a harmless attempt to re-enable a disabled feature on my home router led me down a rabbit hole — one that ended in multiple 0-day discoveries: a LAN-side Remote Code Execution vulnerability, and a WAN-side Denial-of-Service bug that can knock out the router’s firmware update service until reboot. And when it's rebooted? You can just do it again.

In this talk, I’ll share the story of how casual tinkering turned into serious vulnerability research, and how the devices we trust to sit quietly at the edge of our networks often hide surprising weaknesses. We’ll explore how these bugs were found, what makes them valuable, and why routers — often ignored — remain highly attractive to APTs seeking stealthy, long-term access to small business, home and corporate networks.

Main Speaking Track
Wesfarmers Theatre