defcon 24 man in the middle attack in the production seismological network
iSpeech
defcon 24 man in the middle attack in the production seismological network
The following video is a Proof of concept about a man in the middle attack in the production seismological network , we were be able to get the credentials analyzing the seismograph's firmware , we have root and web gui access with the highest privileges in the system.
After take control of the device (taurus) we study the possibility to take control over the data streamed from the remote station/seismograph to the acquisition center.
In this case the device is in the middle of the ocean near UK.
After study all the papers related to the protocol/networking communications we noticed that these devices are not using encryption or other method to secure the data over the public Internet.
The leads to think about the possibility to perform a mitm attack remotely intercepting the UDP packets then modify the data and finally send it to the acquisition center.
These devices uses a "stream data" option , this works in a way in which every station sends his data collected every 5 seconds based on a profile configured by the admin , what we do is change the ip address of the remote acquisition center by ours, so the packets are now going to be routed to our evil proxy, this proxy is going to take this packets in order to read them and then modify the latitude and longitude , this leads to inject false data to the acquisition center without being detected, using UDP packets help us to perform a very clean attack because we all know that UDP is vulnerable to IP spoofing attacks. so we can replaced our ip address with the original one and then pass it in a transparent way to the acquisition center.
wi will shown in black hat arsenal and defcon
video, sharing, camera phone, video phone, free, upload
2016-08-02 02:37:38
source
Gloss