Cisco IOS Router Exploitation Introduction
Successful exploitation of software vulnerabilities in Cisco IOS has been shown independently by different researchers and groups in the past, employing different techniques and basing of different assumptions. Notable incidents using targeted exploits against Cisco IOS vulnerabilities, known or unknown, have however not been registered by the security community at large.
With the development of the Cisco Incident Response tool and free on-line service1 , Recurity Labs aimed at the identification of successful compromises of Cisco IOS routers. Since the initial offering of the service, it became apparent that attackers targeting network infrastructure equipment still rely largely on mis-configurations and functional vulnerabilities, such as CVE-2008-0960. This observation indicates a fundamental difference between infrastructure attacks and attacks against network leaf nodes, such as servers and clients of any kind.
This paper will highlight reasons for the lack of binary exploits and which developments will herald the dawn of reliable remote exploitation of Cisco IOS based network infrastructure equipment. The author strongly believes that eventually, attacks on network infrastructure will use binary exploitation methods to massively gain unauthorized access. Therefore, research from the offensive point of view must be conducted and published, in order to allow the defenses to be chosen in anticipation of such future developments.
0 comments:
Post a Comment