Re: exploiting printers, home routers & smb routers
From: FX (fx@phenoelit.de)Date: 08/23/02
- Previous message: gotcha: "Re: Apache-Nosejob"
- In reply to: chrisd@cissmb.pointclark.net: "exploiting printers, home routers & smb routers"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 23 Aug 2002 10:10:59 +0200 From: FX <fx@phenoelit.de> To: chrisd@cissmb.pointclark.net
Ch, list,
chrisd@cissmb.pointclark.net <chrisd@cissmb.pointclark.net> wrote in 0.7K bytes:
> I read the black hat presentation on exploiting printers:
> http://www.blackhat.com/presentations/bh-usa-02/bh-us-02-phenoelit-network.pdf
> , good stuff & a real eye opener!
[SNIP]
> My question, could something similar to exploiting printers be done to
> routers or would the hardware be totally incompatible ?
As you can see in the second half of the presentation, it is most definitely
possible. There are currently several different approaches:
1) Exploiting a design failure to upload code
This was proved using the HP Chai services.
2) Exploiting a hole and writing code to run on the hardware, hereby ignoring
the operating system totally and replacing information on permanent storage
(such as NVRAM). This is how the Cisco IOS exploit works.
3) Exploiting a hole and writing code to modify the currently running embedded
OS. That's not proved so far, but would involve returning cleanly from the
"shell code" and keep the system running.
4) ... anything the bright guys out there come up with
So, to answer you question: Yes.
cheers
FX
--
FX <fx@phenoelit.de>
Phenoelit (http://www.phenoelit.de)
672D 64B2 DE42 FCF7 8A5E E43B C0C1 A242 6D63 B564
- Previous message: gotcha: "Re: Apache-Nosejob"
- In reply to: chrisd@cissmb.pointclark.net: "exploiting printers, home routers & smb routers"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
