Enumeration of operating systems and services in wireless router firmware

Abstract


The widespread adoption of home-office work weakens corporate networks, because it extends their perimeter into homes and renders ineffective security policies that were designed for different operating environments. In this context, wireless routers act as enablers of access to critical services. However, identifying the software artifacts and possible vulnerabilities present in these devices is challenging, and one heuristic for doing so is to obtain the firmware images available on the manufacturers' websites. In this paper we present the analysis of 5265 firmware images and enumerate the most common operating systems and services, with the aim of carrying out, in future work, security analyses at scale on the firmware obtained. Exploitation of these components can culminate in large-scale attacks, and our results help direct the cataloguing of vulnerabilities.

Keywords: cybersecurity, firmware, re-hosting, network, router, enumeration, screen, vulnerability, scraper, qemu, linux

Published
04/10/2021
TOSO, Gianluigi Dal; PEREIRA JÚNIOR, Lourenço Alves. Enumeração de sistemas operacionais e serviços de firmwares de roteadores sem-fio. In: WORKSHOP DE TRABALHOS DE INICIAÇÃO CIENTÍFICA E DE GRADUAÇÃO - SIMPÓSIO BRASILEIRO DE SEGURANÇA DA INFORMAÇÃO E DE SISTEMAS COMPUTACIONAIS (SBSEG), 21., 2021, Evento Online. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2021. p. 178-191. DOI: https://doi.org/10.5753/sbseg_estendido.2021.17351.