|
||
0
0
0______20_BYTE_____9
@øٷּ ũǾ ƴٴϴ ϸ ո մϴ Ե ϴ |
0
0
dragooning
@øٷּ
ƹ͵ ° ΰ |
0
0
Berlu
@øٷּ ο ׳ ̷ο οε ̹ 2019 Black hat 翡 ڰ HSM full control ȹ, HSM ȣŰ credential ȹ ̷ٳ hsm 翡 ̷ٰ.
hsm ߿ Ʈ 鵵 ġϴ ̾ٳ 1. Vendor ϴ չ SDK access Ͽ, HSM ο shell ϴ firmware module upload Ͽϴ. SDK access attack ߰ϱ Ǿ ̸, HSM exploitϱ ʿ ƴ϶ մϴ.
2. , shell Ͽ, ŷ ְ exploitable buffer overflow ã , PKCS#11 fuzzer Ͽϴ.
3. Host System PKCS# 11 driver callϿ, HSM ܺο ̷ buffer overflow exploit ִ check Ͽϴ.
4. access control overrideϴ payload(Ǽڵ) ۼϿ, HSM ִ ٸ Issue ȰϿ, payload Ե ƴ firmware uploadϿϴ. ̷ 鵵(backdoor) ̹Ƿ, ļ Ʈ fix Ƿ, ؾ Ѵٰ մϴ.
5. , HSM ο (secrets) dump ϴ module ۼϿ, HSM upload Ͽϴ.
|
0
0
backingtrack
@øٷּ մ° ŷ̶°̴ϴ.
|
0
0
øٷּ
@Berlu ּż մϴ. ش ü ؼ ˻غôµ
Ʈ hsm ŷ Ʈغ . ( 븸 Դϴ.)
HSM پٰ ϴ ϳ firmware Ʈ ߿ Ʈ ѵ ߿ ε尡 ߰, װ ̿ؼ ۿ ÷ο ߴٴ° ū ƴϾմϴ.
Ƹ (Ŀ Ż պǰ ҵǰ ϴ ־ ϱ ..) DZ 信 Ʈ ϷḦ ߴٰϳ
hsm ߿伺 ſ ߿ ̰ ֽŰͿ ־ 帳ϴ.
ٵ ⼭ Ѱ ʸ ŷ غڸ
ش hsm ߿ Ʈϱ ؼ 2 ̻ ڷ ǰ ִ Ű ش ܸ ؼ Ʈ ؾմϴ.
ϴ 쿡 hsm ٸ ѵ ѵ ȭ å(ip, port) ϰְ Ŷ ǽð ϰ ְ, ũ ̶, ܸ, ° ǽð ̻ Žϰ ֽϴ.
Ư, ɻ hsm ߿ ְ hsm ݽǿ ȭ ߰ ȣ ϰֽϴ.
̷ Ҷ ǰ ִ ŷ ɼ ſ ٰ ְ,
100% ٰ ϴ ̰ Ƿ̸ ƴ϶ 迡 ӵ Ŀٵ.
̷ Ŀ ŷ ̷ ڳ - ٸ ۿ ŷ ϴٸ, nist visa ۷ι 翡 Ի簡 ϴٰ ߾.
߰ ȴٰ ϴ 1ȸ ܰ , ʾ ĥ ̳ ̻ ٵ, ̰ ǿ ŷ ǹԴϴ.
ٸ ۿ Ͱ ׳ƽ ī ī ŷ̳ ҹ ε , HSM IC ŷô ī ü ؼ ŷ ϴ ܿ HSM շ ŷ ϴ ʴ °ɷ ˰ ֽϴ. - ұԸ ڴµ, ִϴ ʴܱⰣ ġ ̷ Ŷ մϴ.
Ȥó ߸˰ ְų ø ֽø ϰڽϴ.
|
0
0
ī
@øٷּ ո߾
б MCU-Z(AMD ) θƮ ýۿ Ʈ ȹϴ ߽ϴ. ̸ ü , ϴ Ȱȭϰų Ȱȭ ֽϴ.
θƮ ECU(ICE) ˷ ۸Ī ǿϴ ߽ϴ. ̸ ŷ ִ ÷ (TPM) AMD μ(ASP) ȸ ־ϴ. ü Ʈ ȹϰ MCU-Z ڵ带 ־ϴ. ÿϱ FSD Ÿ, ӵ νƮ, Ʈ Ȱȭ߽ϴ. |
|
|
Ϻ |
Ϲ / ݵ ڵ ɷڵ վ̴ٰϴ 10 0
ٸ / Ⱦ ϵ ̹ ְ Һ ñ ɼ̸ Ⱦ ΰ ... 8 0
ո / մ´ٸ?? 20 1