Fwd: security theater seminar - 13.1.13 at 14:00 (room 146)

Yossi Oren

Jan 9, 2013, 1:41:46 AM
to security-theater-announcements
Hi all,

This talk is highly technical but still very recommended because of its impact (turning any Cisco IP phone into a listening device!)

Kol tuv,
Yossi.

---------- Forwarded message ----------
From: Irit Neulander <ir...@eng.tau.ac.il>
Date: Wed, Jan 9, 2013 at 8:14 AM
Subject: security theater seminar - 13.1.13 at 14:00 (room 146)
To: TAU-ENG-...@listserv.tau.ac.il


Sunday, 13 January 2013, at 14:00

Room 146, Labs Build.

Title: HACKING CISCO PHONES



Subtitle: Just because you are paranoid doesn't mean your phone isn't
listening to everything you say


Abstract: We discuss a set of 0-day kernel vulnerabilities in CNU (Cisco
Native Unix), the operating system that powers all Cisco TNP IP phones. We
demonstrate the reliable exploitation of all Cisco TNP phones via multiple
vulnerabilities found in the CNU kernel. We demonstrate practical covert
surveillance using constant, stealthy exfiltration of microphone data via a
number of covert channels. We also demonstrate the worm-like propagation of
our CNU malware, which can quickly compromise all vulnerable Cisco phones on
the network. We discuss the feasibility of our attacks given physical
access, internal network access and remote access across the internet.
Lastly, we built on last year's presentation by discussing the feasibility
of exploiting Cisco phones from compromised HP printers and vice versa.

We present the hardware and software reverse-engineering process which led
to the discovery of the vulnerabilities described below. We also present
methods of exploiting the following vulnerabilities remotely.

Speaker Bios:

Ang Cui is a PhD Student in the Columbia University Intrusion Detection
Systems Lab. His research is currently focused on embedded devices such as
home and corporate routers and cell phones. He is the primary inventor of a
novel host-based defense mechanism known as Symbiotic Embedded Machines.
SEMs are designed specifically to retrofit black-box, vulnerable legacy
embedded systems with sophisticated anti-exploitation mechanisms.



Michael Costello is a Research Staff Associate focused on embedded system
offensive and defensive research.



Recorded at the 29th Chaos Communication Congress (29c3), 27.12.2012 (Tari
tari!), Hamburg, Germany.



http://events.ccc.de/congress/2012/Fahrplan/events/5400.en.html


