Artwork

Kandungan disediakan oleh CCC media team. Semua kandungan podcast termasuk episod, grafik dan perihalan podcast dimuat naik dan disediakan terus oleh CCC media team atau rakan kongsi platform podcast mereka. Jika anda percaya seseorang menggunakan karya berhak cipta anda tanpa kebenaran anda, anda boleh mengikuti proses yang digariskan di sini https://ms.player.fm/legal.
Player FM - Aplikasi Podcast
Pergi ke luar talian dengan aplikasi Player FM !

Crypterella Stories: Fortigate (hackerhotel2024)

26:51
 
Kongsi
 

Manage episode 400395497 series 48696
Kandungan disediakan oleh CCC media team. Semua kandungan podcast termasuk episod, grafik dan perihalan podcast dimuat naik dan disediakan terus oleh CCC media team atau rakan kongsi platform podcast mereka. Jika anda percaya seseorang menggunakan karya berhak cipta anda tanpa kebenaran anda, anda boleh mengikuti proses yang digariskan di sini https://ms.player.fm/legal.
We all love bedtime stories, and these stories are even better when they turn into reality. This cinderella story is about how a big vendor rolled its own algorithm to "encrypt" its firmware images to deter poor hackers like us from fiddling around and potentially uncover flaws. But what if your motive is not to uncover potential flaws, but simply to agnostically fingerprint devices left vulnerable on the internet? Join us into a semi-deepdive of reverse engineering the Fortigate firmware "encryption" to satisfy our own curiosity, but also to make the web that little bit more secure by fingerprinting vulnerable devices in a non-obtrusive manner with the endgoal of notifying the related parties. This talk will go into the process of reverse engineering the Fortigate firmware images with the purpose of developing a non-obtrusive version identification that can be used to fingerprint device firmware versions on the internet, this in turn can be used to notify the related party. Next to a technical deep dive the audience will be presented with a set of questions and thoughts on the topic of encrypting such firmware devices and if this really is the way to go for big vendors, or if these things are only making matters worse by limiting the scope to not just the "bad" people, but also the "good" people. about this event: https://pretalx.hackerhotel.nl/hackerhotel-2024/talk/QB3Z87/
  continue reading

3030 episod

Artwork
iconKongsi
 
Manage episode 400395497 series 48696
Kandungan disediakan oleh CCC media team. Semua kandungan podcast termasuk episod, grafik dan perihalan podcast dimuat naik dan disediakan terus oleh CCC media team atau rakan kongsi platform podcast mereka. Jika anda percaya seseorang menggunakan karya berhak cipta anda tanpa kebenaran anda, anda boleh mengikuti proses yang digariskan di sini https://ms.player.fm/legal.
We all love bedtime stories, and these stories are even better when they turn into reality. This cinderella story is about how a big vendor rolled its own algorithm to "encrypt" its firmware images to deter poor hackers like us from fiddling around and potentially uncover flaws. But what if your motive is not to uncover potential flaws, but simply to agnostically fingerprint devices left vulnerable on the internet? Join us into a semi-deepdive of reverse engineering the Fortigate firmware "encryption" to satisfy our own curiosity, but also to make the web that little bit more secure by fingerprinting vulnerable devices in a non-obtrusive manner with the endgoal of notifying the related parties. This talk will go into the process of reverse engineering the Fortigate firmware images with the purpose of developing a non-obtrusive version identification that can be used to fingerprint device firmware versions on the internet, this in turn can be used to notify the related party. Next to a technical deep dive the audience will be presented with a set of questions and thoughts on the topic of encrypting such firmware devices and if this really is the way to go for big vendors, or if these things are only making matters worse by limiting the scope to not just the "bad" people, but also the "good" people. about this event: https://pretalx.hackerhotel.nl/hackerhotel-2024/talk/QB3Z87/
  continue reading

3030 episod

Semua episod

×
 
Loading …

Selamat datang ke Player FM

Player FM mengimbas laman-laman web bagi podcast berkualiti tinggi untuk anda nikmati sekarang. Ia merupakan aplikasi podcast terbaik dan berfungsi untuk Android, iPhone, dan web. Daftar untuk melaraskan langganan merentasi peranti.

 

Panduan Rujukan Pantas

Podcast Teratas