Blogger Widgets

Monday 11 November 2013

Phlashing: #PDOS #DOS #Infosec




A permanent Denial Of Service (PDOS), also known as "Phlashing".
It's an attack that damages a system so badly that it requires replacement or reinstallation of hardware. Phlashing used for hardware attack. Unlike the distributed denial-of-service attack, a PDoS attack exploits security flaws which allow remote administration on the management interfaces of the victim's hardware, such as routers, printers, or other networking hardware. The attacker uses these vulnerabilities to replace a device's firmware with a modified, corrupt, or defective firmware image a process which when done legitimately is known as flashing.
This therefore "bricks" the device, rendering it unusable for its original purpose until it can be repaired or replaced.
The PDOS is a pure hardware targeted attack which can be much faster and requires fewer resources than using a botnet in a DDoS attack. Because of these features, and the potential and high probability of security exploits on Network Enabled Embedded Devices (NEEDs), this technique has come to the attention of numerous hacker communities. PhlashDance is a tool created by Rich Smith (an employee of Hewlett-Packard's Systems Security Lab) used to detect and demonstrate PDoS vulnerabilities at the 2008 EUSecWest Applied Security Conference in London. Smith said remotely abusing firmware update mechanisms with a Phlashing attack, for instance, is basically a one-shot attack.
Phlashing attacks can achieve the goal of disrupting service without ongoing expense to the attacker; once the firmware has been corrupted, no further action is required for the DOS condition to continue,”An attacker could use remote firmware update paths in network hardware, which are often left unprotected, to deliver corrupted firmware and flash this to the device. As a result, the device would become unusable.

No comments:

Post a Comment