Full Disclosure mailing list archives
Re: Cisco IOS Shellcode Presentation
From: "lsi" <stuart () cyberdelix net>
Date: Sat, 30 Jul 2005 13:21:52 +0100
Just store the program in a frikking *ROM*, and disallow execution of opcodes from RAM. It's called a Harvard architecture.
The problem with this will be speed, will it not? It could be cached into RAM - but then it would be modifiable ... I also have a query relating to the assertion by Lynn that worms would be difficult to make, because different firmware has different offsets. Surely this would be as simple as looping though a list: if (firmware == x) { attackstring = ABC } elseif (firmware == y) {attackstring = DEF } elseif (firmware == z) {attackstring = GHI } ... etc Finally, I note from the narrative on tomsnetworking that while the presentation did not describe exactly how to make an attack script that gets root, it nonetheless showed off exactly that. "At the beginning of his talk, Michael Lynn connected to a Cisco router, ran his shell script and obtained the "enable" prompt." [1] I thus conclude it's only a matter of time before an "autorooter" is developed for use against a wide variety of routers. The window of vulnerability, which is at least three weeks old, opened wide on the 27th, and remains so. No amount of legal posturing by anybody can change this. [1] http://www.tomsnetworking.com/Sections-article131-page4.php --- Stuart Udall stuart at () cyberdelix dot net - http://www.cyberdelix.net/ --- * Origin: lsi: revolution through evolution (192:168/0.2) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Cisco IOS Shellcode Presentation, (continued)
- Re: Cisco IOS Shellcode Presentation Jochen Kaiser (Jul 29)
- Re: Cisco IOS Shellcode Presentation Valdis . Kletnieks (Jul 29)
- Re: Cisco IOS Shellcode Presentation J.A. Terranson (Jul 29)
- Re: Cisco IOS Shellcode Presentation Frank Knobbe (Jul 29)
- Re: Cisco IOS Shellcode Presentation Andrew R. Reiter (Jul 29)
- Re: Cisco IOS Shellcode Presentation J.A. Terranson (Jul 29)
- Re: Cisco IOS Shellcode Presentation Jason Coombs (Jul 29)
- Re: Cisco IOS Shellcode Presentation Valdis . Kletnieks (Jul 29)
- Re: Cisco IOS Shellcode Presentation Jason Coombs (Jul 29)
- Re: Cisco IOS Shellcode Presentation Valdis . Kletnieks (Jul 29)
- Re: Cisco IOS Shellcode Presentation lsi (Jul 30)
- Re: Cisco IOS Shellcode Presentation Valdis . Kletnieks (Jul 29)
- Re: Cisco IOS Shellcode Presentation J.A. Terranson (Jul 29)
- RE: Cisco IOS Shellcode Presentation Geo. (Jul 29)
- Re: Cisco IOS Shellcode Presentation Jason (Jul 29)
- Re: Cisco IOS Shellcode Presentation Pavel Kankovsky (Jul 30)
- Re: Cisco IOS Shellcode Presentation Ron DuFresne (Jul 29)
- Re: Cisco IOS Shellcode Presentation Micheal Espinola Jr (Jul 30)
- Re: Cisco IOS Shellcode Presentation Steve Friedl (Jul 30)
- Re: Cisco IOS Shellcode Presentation Micheal Espinola Jr (Jul 30)