If you’re like me, you were eager to learn about Apple’s latest iPhone release, announced last month. In fact, I was thrilled to attend my first-ever press event at Apple’s headquarters in Cupertino and the occasion did not disappoint (hello Elvis Costello!). Apple orchestrates its launch events extremely well and it’s no wonder many consumers are ardent Apple fans. Read More »
Every Friday, we’ll highlight the most important Cisco partner news and stories of the week, as well as point you to important, Cisco-related partner content you may have missed along the way. Here’s what you might have missed this week:
Off the Top
As we move into fall, things are really picking up at industry events. This week in New York, Cisco spent time at Interop helping partners transform, create new opportunities and claim their share of the Internet of Everything (IoE) economy.
We announced our latest innovations to Unified Access. Be sure to check out my blog to catch the newest enhancements. If you weren’t able to catch John Chambers’ keynote speech from Wednesday at Interop, the replay is now available as well. Read More »
I had a customer at Interop NYC yesterday ask me if I still hack stuff? Still?!?! Of course!! It’s something that’s just in your blood daddy-o! I just like to hack stuff. It doesn’t matter really what it is, I just enjoy the challenge of figuring out how stuff works and how to bypass certain controls. I am not trying to be a whank about it and post how to steal a case of Sundrop from a Dixie-Narco vending machine, I just want to know from an engineering stand point. When I see electronic firmware based stuff work I always wonder; “How did they code that one up?”
That’s all it takes to get me started. Now my wife is not a fan of guns but if I started purchasing all the stuff I hack around here weekly, my guess is that she would change her mind real quick… So I need another method…a more…low cost method of hacking a device without ever purchasing the device. Firmware baby!!! Matter of fact, it is very rare for me to get actual gear. I just go for the low hangin’ fruit! Firmware! say with me…What do we want! Firmware!! f.i.r.m.w.a.r.e!!
Many vendors out there today offer up firmware freely without authentication or with only a email address so they can gather marketing data. I just use a 10 minute emailer like Mailinator or I give them Robb’s email and then I start downloading firmware. The firmware can be like the wardroom door to Narina if you look deeply into it.
Here’s the thing. Many vendors out there today do not have firmware developers in house. They have a marketing plan, money, call centers , etc…but code jockeys are something that is normally outsourced. These code houses do not just buzz the code for one vendor but for 50 or more. Now to keep this code straight from vendor to vendor many code houses place comments in their firmware.
These can be comments about debug interfaces, HARD CODED ACCOUNTS!!!! Private keys, hidden commands and yes even backdoor passwords. (I just found two days ago in a vendor device) Basically, low rent firmware hacking is really a piece of cake to understand.Plus it can really yield huge…benefits. Remember Stuxnet? Oh Yeah… Most firmware out there today is unsigned and unencrypted which means I can read it in a simple hex editor. But before your go download firmware and opening it up in your favorite hex editor, here are a few pointers to get ya started:
Tip 00x01 I normally like to look for bootcode if I have the choice. If not, I just deal with what I have.
Tip 00x02 Firmware files are in hex and have a ton of unreadable data in them. I am interested in about 1% of the file which contains ASCII text. The first thing I do is run firmware thru the *Nix command; Strings. Strings is a command that will print out any ascii character sequences that is followed by a an unprintable character. The default character limit is 4 but you can change that. A example command would look like this:
strings -t firmwareName.bin
Simple but powerful command with few options. The -t is an option I use to tell me the offsets just in case I need to…use them later on…
Tip 00x03 Some firmware will be compressed in what is called ZLIB compressed chunks. In outsourced code larger then 3Meg this is very common. There is a great tool called DeeZee which is part of the Black Bag Tool Kit from Matasano. It is older but works really well still for binary dissection. DeeZee will search thru a binary file for ZLIB signatures then extract them and print out the results. Human behavior is such that we write and comment stuff out all the time. Look at the best practices for a simple ACL. If I run a file thru strings or view it in a hex editor and see nothing but unreadable crap, then I assume it must be ZLIB’ed or encrypted but that is very rare. I run it thru DeeZee, with the command:
DeeZee will chew on it few a while then spit out the results into the same directory I run it at. I just do a LS to see the results, then view those results in my hex editor and Kazam! it’s hammertime!
Now you have some readable ASCII extracted from firmware. Some of my results have been stuff like:
- FTP passwords
- Backdoor passwords for various ports
- Hidden SNMP community strings
- Mountable filesystems that actually allow me to mount the firmware and interact with it. Heck I have pulled off .pem files that allowed me to do a super effective bogus SSL connection!
- Internal server ip addresses of the code house
- Contact information, which is great for social engineering
- Debug interfaces with access commands
and of course some of the funniest comments you have seen. If you decode a OEM suppliers firmware you may have hit a real jackpot since most C code is modularized and reused in other devices, so this the gift that keeps on givin’!! At this point you can gather the data and test certain conditions you have mined OR you can move up to the graduate level of hacking and start looking at disassembly with IDA Pro and start installing rootkits in firmware. That is the true Holy Grail of hacking embedded systems, but we’ll cover that next blog.
What’s that? You want a how to and not just tips? Hmmm…OK, here is an excellent blog showing you the step by step details of reversing some code from a…product…. http://www.devttys0.com/2011/05/reverse-engineering-firmware-linksys-wag120n/
Jimmy Ray Purser
Trivia File Transfer Protocol
In the rockin’ age of 390B.C. Playwright Aristophanes wanted to show the world just how pretentious db whack he really was. In his play Ecclesiazusae the characters feasted on a dish called; lopadotemachoselachogaleokranioleipsanodrimupotrimmatosilphioliparomelitoaktakexhumeno-kichlepikossuphophattoperisteralektruonoptopiphallidokinklopeleioplagoosiraiobaphetragalopterugon
MMMMM…Please sir may I have another helping of…lopa, lopadotema.. just forget it. Where’s the gyro stand?
Imagine a future where education has become embedded into daily life and is no longer only associated with schools, colleges and universities; a time where people can access learning when and where they need to increase their knowledge or skills. Imagine a future where a learner can be sent information which has been contextualized to their particular immediate need. Imagine learners who can not only access pre-recorded presentations on topics of interest by experts in the field, but also invite that expert to explain a concept instantly through a live interaction. This is the sort of future that is possible as more and more things (and people) become connected. This information sharing capability combined with big data analysis offers the promise of an exciting and motivating learning experience for people of all ages. The new world of education will make massive use of connectivity to enable all learners to access relevant resources at the moment when there is a need for new knowledge and understanding.
Cisco is a strong believer in the power of the Internet and its ability to speed up communications and to accelerate growth; today, the Internet connects people to many things, but it can also connect them to processes and data, creating new capabilities and unprecedented socio-economic opportunities for everyone on the planet.
The Internet of Everything (IoE) will amplify this hyper-connectedness in ways never imagined before. It will connect people delivering the right information to the right person in the most effective and efficient manner. The IoE will start (and has already started) increasing access to education by connecting the unconnected, allowing learners to become co-creators of knowledge and using technology to better understand physical, social and environmental phenomena taking place inside and outside the classroom.
Recognizing this potential, Cisco Consulting Services (CCS) and the Cisco EMEAR Education team are collaborating to produce a white paper about the impact of IoE on education, its potential challenges, opportunities, implications and success factors. The paper will explore the potential of IoE for education across four fundamental pillars: PEOPLE, PROCESS, DATA and THINGS, and the value it can bring across all sectors of education.
These four pillars will undoubtedly be interconnected in learning activities, and as such, the paper starts by exploring the impact each can have on education and what will need to happen to support, build on and scale some of the practices currently being planned or adopted. The paper collects some examples of interesting cases and initiatives taking place around the world and the efforts by some institutions to change standard practice and find educational applications of IoE. Furthermore, the paper explores the need to rethink our current approaches to pedagogy, methodology, curriculum, assessment, and skills development so education systems can better prepare the next generation of scientists, engineers, and specialists that will not only profit from the opportunities of IoE, but also will contribute to its future development.
The economic implications of the IoE are just starting to be quantified. Cisco Consulting Services’ Economics Practice has determined that there is a $14.4 trillion of Value at Stake in the IoE economy over the next decade; for education, the IoE has worldwide a 10-year net present value of $175 Billion. But going beyond economics, the opportunities the IoE can bring to education are priceless.
The paper, which will be released at the end of October, is just one of a set of deliverables to start a global conversation about IoE and its potential implications for education. In addition to the paper, there will also be a video, and next year, the potential development of a pilot on IoE scenarios for education.
We invite you to stay tuned for the release of the paper and to engage through this channel on the global conversation about the Internet of Everything and its impact on education.
Michelle Selinger, Ana Sepulveda, Jim Buchan
Big Data has become mainstream as businesses realize its benefits, including improved operation efficiency, better customer experience, and more accurate predictions. However, companies are often challenged by the complexities of traditional server solutions.
In this webinar, learn how to unlock the value of Big Data with the Cisco Unified Computing System (Cisco UCS). Cisco UCS delivers the performance, capacity, management simplicity, and scale that businesses need to increase agility, speed time to value, and deliver a competitive advantage to increase revenue.
Our one-hour technical presentations will demonstrate how to build elements of the Cisco Unified Data Center platform. We will show you how to design your infrastructure and management for traditional and virtualized environments. You’ll also learn about available services to help deliver it.
To attend, please click the “ATTEND” link below:
Hope you can join us and let me know if you have any comments or questions, or via twitter at @CicconeScott.
Tags: Big Data, blade server, Blade Servers, Cisco UCS, Cisco Unified Computing System, Cisco Unified Data Center, Cisco Unified Fabric, Cisco Unified Management, Hadoop, rack server, UCS Manager, UCS service profiles