Vulnerability Development mailing list archives

Re: exploiting printers, home routers & smb routers


From: FX <fx () phenoelit de>
Date: Fri, 23 Aug 2002 10:10:59 +0200

Ch, list,

chrisd () cissmb pointclark net <chrisd () cissmb pointclark net> wrote in 0.7K bytes:
> I read the black hat presentation on exploiting printers:
> http://www.blackhat.com/presentations/bh-usa-02/bh-us-02-phenoelit-network.pdf
> , good stuff & a real eye opener!

[SNIP]

> My question, could something similar to exploiting printers be done to
> routers or would the hardware be totally incompatible?

As you can see in the second half of the presentation, it is most definitely
possible. There are currently several different approaches:

1) Exploiting a design failure to upload code 
   This was proved using the HP Chai services.
2) Exploiting a hole and writing code to run on the hardware, thereby ignoring
   the operating system totally and replacing information on permanent storage
   (such as NVRAM). This is how the Cisco IOS exploit works.
3) Exploiting a hole and writing code to modify the currently running embedded
   OS. That's not proved so far, but would involve returning cleanly from the
   "shell code" and keeping the system running.
4) ... anything the bright guys out there come up with

So, to answer your question: Yes.

cheers
FX

-- 
         FX           <fx () phenoelit de>
      Phenoelit   (http://www.phenoelit.de)
672D 64B2 DE42 FCF7 8A5E E43B C0C1 A242 6D63 B564

