Presented at
DeepSec 2013 „Secrets, Failures, and Visions“,
Unknown date/time
(Unknown duration)
In the past auditing appliances was like auditing embedded devices. Hard to come by, hard to crack open. Since most appliances are now provided in the virtual form factor, they can be easily analyzed. Yet from a security point of view they are still not much different from embedded devices.
This talk will discuss the process from getting a root shell on an appliance, assessing the general system hardening posture to finding exploitable vulnerabilities. The state of the art when it comes to application security is discussed based on vulnerabilities in security appliances from F5, Symantec, Sophos and the like. It will be demonstrated that appliances can be the weakest link in a network and cause a huge headache for incident responders.
Presenters:
-
Stefan Viehböck
- SEC Consult
Stefan Viehböck is a security researcher/consultant with a strong focus on application security. While he spent some time reverse engineering embedded devices (MIPS/ARM) in the past, he has now moved on to large enterprise appliances. Stefan has discovered numerous vulnerabilities in software products. These include critical vulnerabilities in products from companies like: Barracuda Networks, F5, Siemens, Symantec, Telekom Austria and Vodafone. He has also found a flaw in the Wi-Fi Protected Setup (WPS) specification that enables a very powerful brute force attack on the WPS PIN. All major Wi-Fi router vendors are/were affected.
Links:
Similar Presentations: