Vulnerability Development mailing list archives
Re: exploiting printers, home routers & smb routers
From: FX <fx () phenoelit de>
Date: Fri, 23 Aug 2002 10:10:59 +0200
Ch, list, chrisd () cissmb pointclark net <chrisd () cissmb pointclark net> wrote in 0.7K bytes:
I read the black hat presentation on exploiting printers: http://www.blackhat.com/presentations/bh-usa-02/bh-us-02-phenoelit-network.pdf , good stuff & a real eye opener!
[SNIP]
My question, could something similar to exploiting printers be done to routers or would the hardware be totally incompatible ?
As you can see in the second half of the presentation, it is most definitely possible. There are currently several different approaches: 1) Exploiting a design failure to upload code This was proved using the HP Chai services. 2) Exploiting a hole and writing code to run on the hardware, hereby ignoring the operating system totally and replacing information on permanent storage (such as NVRAM). This is how the Cisco IOS exploit works. 3) Exploiting a hole and writing code to modify the currently running embedded OS. That's not proved so far, but would involve returning cleanly from the "shell code" and keep the system running. 4) ... anything the bright guys out there come up with So, to answer you question: Yes. cheers FX -- FX <fx () phenoelit de> Phenoelit (http://www.phenoelit.de) 672D 64B2 DE42 FCF7 8A5E E43B C0C1 A242 6D63 B564
Current thread:
- exploiting printers, home routers & smb routers chrisd (Aug 22)
- Re: exploiting printers, home routers & smb routers Stan Bubrouski (Aug 22)
- Re: exploiting printers, home routers & smb routers hellNbak (Aug 22)
- RE: exploiting printers, home routers & smb routers Nick Iglehart (Aug 22)
- Re: exploiting printers, home routers & smb routers FX (Aug 23)
- <Possible follow-ups>
- Re: exploiting printers, home routers & smb routers Peter Gutmann (Aug 22)