Abstract
The aim of this paper is to present the potential impact and risks related with security breaches in modern networking equipment and embedded devices in general. Firstly, the possible attack vectors and exemplary exploitation methods are presented. The methods are based on real vulnerabilities the author has recently found in a popular wireless router software. Besides presenting the vulnerabilities themselves the papers main goal is to assess the possible impact of a successful attack. Author presents several post exploitation methods which show how easily it is to use the fully-featured embedded device operating system maliciously.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
Functions in C without bounds checking: sprintf, vsprintf, snprintf, vsnprintf, memcpy, mempcpy, memmove, memset, strcpy, stpcpy, strncpy, strcat, strncat.
- 2.
For example, session handling in a HTTP server.
- 3.
Attacker can remotely detect which services are supported by the device using tools like nmap.
- 4.
The Shodan’s query used to find all vulnerable devices was: ““RT-” httpd Unauthorized” [14].
- 5.
Unfortunately these devices are usually home and small office routers and can frequently be offline. Shodan verifies them continuously - thus, it is very probable that a part of the offline devices can appear online in the near future.
References
Adamczyk, B.: CVE-2017-15654. http://sploit.tech/2018/01/16/ASUS-part-II.html. Accessed 17 Jan 2018
Adamczyk, B.: CVE-2017-15655. http://sploit.tech/2018/01/16/ASUS-part-I.html. Accessed 17 Jan 2018
Adamczyk, B.: CVE-2017-15656. http://sploit.tech/2018/01/16/ASUS-part-II.html. Accessed 17 Jan 2018
Artenstein, N.: Broadpwn: Remotely Compromising Android and iOS via a Bug in Broadcom’s Wi-Fi Chipsets. In: Blackhat (2017)
ASUSTeK Computer Inc.: ASUSWRT. https://www.asus.com/ASUSWRT/. Accessed 17 Jan 2018
Bierbaumer, B.: CVE-2017-6548. https://bierbaumer.net/security/asuswrt/#remote-code-execution. Accessed 17 Jan 2018
Cutlip, Z.: DLink DIR-815 UPnP Command Injection. http://shadow-file.blogspot.com/2013/02/dlink-dir-815-upnp-command-injection.html. Accessed 17 Jan 2018
Fox-IT: CVE-2015-7755. https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7755. Accessed 17 Jan 2018
Google Inc.: CVE-2016-10229. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10229. Accessed 17 Jan 2018
Marlinspike, M.: SSLStrip. https://moxie.org/software/sslstrip/. Accessed 17 Jan 2018
Postelstorfer, F.: CVE-2014-9583. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9583. Accessed 17 Jan 2018
Reverse Shell Security: routersploit: The Router Exploitation Framework. https://github.com/reverse-shell/routersploit. Accessed 17 Jan 2018
Shodan: Shodan Search Engine. https://www.shodan.io/. Accessed 17 Jan 2018
Shodan: Vulnerable ASUS Routers - Shodan Report. https://www.shodan.io/report/u7ejeYKQ. Accessed 26 Feb 2018
Vanderbeken, E.: TCP-32764. https://github.com/elvanderb/TCP-32764. Accessed 17 Jan 2018
Acknowledgements
The research was supported by Silesian University of Technology grant No. BKM-509/RAU2/2017.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG, part of Springer Nature
About this paper
Cite this paper
Adamczyk, B. (2018). Security Considerations of Modern Embedded Devices and Networking Equipment. In: Gaj, P., Sawicki, M., Suchacka, G., Kwiecień, A. (eds) Computer Networks. CN 2018. Communications in Computer and Information Science, vol 860. Springer, Cham. https://doi.org/10.1007/978-3-319-92459-5_30
Download citation
DOI: https://doi.org/10.1007/978-3-319-92459-5_30
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-92458-8
Online ISBN: 978-3-319-92459-5
eBook Packages: Computer ScienceComputer Science (R0)