Documente Academic
Documente Profesional
Documente Cultură
TL;DR
Network security can be improved by removing
security appliances and other devices which
introduce unnecessary risk.
Who am I?
Chris Campbell (@obscuresec)
Story Time
You never forget your first
Attack Diagram
What I Learned
Just because a product solves a security
problem doesnt mean it is secure.
Anyone can find vulnerabilities.
These types of devices are a perfect place to
hide from incident handlers.
Started Collecting
Other Appliances
Procurement
Craigslist, eBay and borrowed from friends
Fully-functional demos from vendor's
websites
Virtual appliance marketplace
Storage Issues
To this
With 1 of these
What is an appliance?
Could be virtualized, but typically:
Now What?
Easiest vuln to find is Cmd Injection
Commonly in troubleshooting utilities
Great for persistence on RO file systems
Thanks Juan!
Support Procedures
Documentation revealed that remote access
was possible for remote support
Is the password static or derived?
Remote Access?
Backdoor?
Free Features!
Recommendations
Recommendations (2)
Demand control
Questions?
@obscuresec
www.obscuresec.com
Thanks to Matt, Josh,
Juan, Carlos, Skip & the
whole BsidesPR crew!