#BHUSA BlackHatEvents

Securing Network Appliances: New Technologies and Old Challenges
Speaker: Vladyslav Babkin

$whoami
Vladyslav Babkin (“hotab”)
Network & Web Hacker, Web Developer
Long-time CTF player (team dcua)
Security Researcher Eclypsium
Twitter: HotabZero

HOW DID NETWORK DEVICES EVOLVE?

2005 First Cisco Rootkit
2008 Operation Cisco Raider
2015 SYNFUL Knock, Cisco ROMMON Attack, Juniper Backdoors
2016 Shadow Brokers
2017 Vault 7 leak
2018 VPNFilter Campaign, Cisco Backdoors
2019 FortiOS Vulnerability, Echobot, Solarwinds Attack
2020 Citrix Vulnerability, Pulse VPN Campaign, Fox Kitten Campaign, Sophos Zero-Day, F5 1st 10.0 CVSS, Netwalker Attacks, Chinese Attacks
2021 Cring Ransomware, Pulse Secure Vulnerability, F5 Vulnerabilities, SonicWall Vulnerabilities, Fortinet Attacks
2022 Cyclops Blink, F5 BIG-IP Vulnerability, Citrix APT Campaign, FortiGate Zero-Day
2023 Fortinet Zero-Day, Jaguar Tooth Malware, Zyxel-based Botnet, Volt Typhoon, CISA Directive, Citrix Zero-Day, Akira and Lockbit, BlackTech, Cisco Zero-Days
2024 Ivanti Zero-Days, SOHO Router Attacks, Fortinet Zero-Day, XZ Implant

Extra Context

Many attacks have tweet-sized PoC (like CVE-2022-1388)
Issues are basic web app problems
Similar problems shared with BMC (Baseboard Management Controller)
Modern devices are in some cases full x86-64 server platforms, so all Server/PC/web app issues apply.

We got much more powerful platforms on-board the devices.

This means dynamic languages on IoT devices (Lua, PHP, etc) - with their staple problems
Bigger devices and central management appliances can have databases on them
Full scale Linux with a single user. Of course, root. Everything is root like in the good ol times!
Full set of o