cat /proc/sys/net/ipv4/fuckups
- Type
- Slides
- Tags
- client side, exploiting
- Authors
- Fabian Yamaguchi
- Event
- Chaos Communication Congress 26th (26C3) 2009
- Indexed on
- Mar 25, 2013
- URL
- http://events.ccc.de/congress/2009/Fahrplan/attachments/1483_26c3_ipv4_fuckups.pdf
- File name
- 1483_26c3_ipv4_fuckups.pdf
- File size
- 3.7 MB
- MD5
- 3da3acdc4d269ee2cd7922f436080c2e
- SHA1
- 633ca615561bd9c4533380b42d56214fb16aa182
We will be presenting a number of previously undisclosed network-related design errors, ranging from data-link-layer bugs in Ethernet-drivers across issues in TCP/IP stacks all the way up to communication infrastructure components on layer 5. Our focus is on subtle mistakes, which do not fall into the memory-corruption category and yet in combination provide an attacker with a powerful bag of tricks. Built around a fictional average company network, we will tell the story of an attack making use of subtle bugs across the layers all of which are as of yet undisclosed. This will include a bug in an Ethernet-driver, which allows an attacker to bypass MAC- and IP-based filters, bugs in TCP-implementations that are assumed to be fixed but aren't, a web-cache which confuses itself and an instant-messenger, which was fooled by the protocol specification. All of these bugs share a common property: They are a consequence of insecure design and not of insecure coding-practices.
About us
Secdocs is a project aimed to index high-quality IT security and hacking documents. These are fetched from multiple data sources: events, conferences and generally from interwebs.
Statistics
Serving 8166 documents and 531.0 GB of hacking knowledge, indexed from 2419 authors from 163 security conferences.
Contribute
To support this site and keep it alive, you can click on the buttons below. Any help is really appreciated! This service is provided for free, but real money is needed to pay bills.
