Coredumpin' the information superhighway

August 8, 2008

Tons of great stuff coming out of Blackhat. A company called Recurity Labs now has a core dump analysis engine for Cisco routers. Check out the paper. Pretty awesome. Several years ago, based on research from a guy named Felix “FX” Lindner and the Phenoelit group, a guy named Michael Lynn presented an exploit that PWNs Cisco routers by getting around heap memory checking and was able to execute code.

It caused crazy controversy: Mike left his job with IBM, and Cisco ripped the material out of the Blackhat media and threatened all kinds of lawsuits. It was actually pretty funny. Anyways, the research area of exploiting embedded hardware and non-Wind0z type OS platforms has got the best and brightest in the world on the case. Felix works now at Recurity doing some awesome RE stuff. This will not be the last time this area of research comes up. Now they are talking Cisco rootkits. Researchers like Gyan Chawdhary at Information Risk Management are taking this stuff even farther down the rabbit hole.

Oh, and if that isn’t enough, there is a huge stink right now with the FBI and others discovering counterfeit Cisco devices. This poses a potentially huge supply chain national security risk. Now DARPA is on the case!

