1-day exploit development for Cisco IOS

Cite

Related Material

Chaos Computer Club e.V.

Kondratenko, Artem

Formal Metadata

Title

1-day exploit development for Cisco IOS

Title of Series

34th Chaos Communication Congress

Number of Parts

167

Author

Kondratenko, Artem

License

CC Attribution 4.0 International:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.

Identifiers

10.5446/34812 (DOI)

Publisher

Chaos Computer Club e.V.

Release Date

2017

Language

English

Content Metadata

Subject Area

Computer Science

Genre

Conference/Talk

Abstract

Year 2017 was rich in vulnerabilities discovered for Cisco networking devices. At least 3 vulnerabilities leading to a remote code execution were disclosed. This talk will give an insight on exploit development process for Cisco IOS for two of the mentioned critical vulnerabilities. Both lead to a full takeover of the target device. Both PowerPC and MIPS architectures will be covered. The presentation will feature an SNMP server exploitation demo.

Keywords

Security