Remote Browser-Based Fingerprinting of Local Network Devices

Presented at DeepSec 2015 „DeepSec No. 9“, Nov. 20, 2015, 2:50 p.m. (50 minutes)

In this talk we discuss remote device fingerprinting techniques for SOHO routers and other network-connected devices offering a browser-based configuration interface. While consumer network devices provided to customers by their ISPs are typically based on very few different hardware platforms, they are equipped with highly customized firmwares and thus contain different vulnerabilities. The knowledge of a specific device's vulnerabilities is vital to the success of a remote attack. In a live demo we show how a remote attacker can exploit the feature-richness of modern web technologies (HTML5, WebRTC, JavaScript, CSS) to perform device discovery and fine-grained device fingerprinting in a local network over a web browser in preparation of a targeted attack.

Presenters:

• Manfred Kaiser - Josef Ressel Zentrum TARGET
  Manfred Kaiser is Junior Researcher at the Instutute of IT Security located at the FH St. Pölten. He works in the Josef Ressel Center for Unified Threat Intelligence on Targeted Attacks (TARGET). The mission of the center is to explore novel techniques for threat intelligence on targeted attacks on different levels. His professional interests involve web application security, biometry and mobile device security.

Links:

• https://deepsec.net/archive/2015.deepsec.net/speaker.html#PSLOT234
• https://infocon.org/cons/DeepSec/DeepSec 2015/Remote Browser Based Fingerprinting of Local Network Devices - Manfred Kaiser.mp4

Similar Presentations:

• BSides Austin 2017 / Network IDP device testing methodology
• DEF CON 13 (2005) / On the Current State of Remote Active OS Fingerprinting
• ToorCon San Diego 19 (2017) / Open Up and Say 0×41414141: Attacking Medical Devices