OWASP Top 10

Post on 27-Jan-2017

  • OWASP Top 10

    IoT

    (Internet of Things)

    G4H/owasp/null meet

  • Who Am I..?

    Veerababu

    Maintainer at

    @Veeru_rockstar

  • Agenda..!

    .. IoT Introduction

    .. IoT OWASP Top 10

    .. Q&A

    .. References

  • IoT Intro ..!

    IoT is simply the network of interconnected things/devices embedded with

    sensors, software, network connectivity and the necessary electronics

    that enable them to collect and exchange data, making them responsive.

    IoT Components..!

    1. Hardware

    2. Software

    3. Communication Infrastructure

  • Main IoT Security Testing Areas:

    1. IoT mobile application,

    2. cloud APIs,

    3. communication and protocols,

    4. embedded hardware and firmware.

  • Just Theory

    No Practical

  • OWASP Top 10 IoT:

    ...1 Insecure Web Interface

    ...2 Insufficient Authentication/Authorization

    ...3 Insecure Network Services

    ...4 Lack of Transport Encryption

    ...5 Privacy Concerns

    ...6 Insecure Cloud Interface

    ...7 Insecure Mobile Interface

    ...8 Insufficient Security Configurability

    ...9 Insecure Software/Firmware

    ...10 Poor Physical Security

  • I1.Insecure Web Interface:

  • What are they ..?

    1. Web login pages

    2. CCTV DVR login pages

    still working on this..!

    I1.Insecure Web Interface

    ..Weak default credentials

    ..Weak passwords

    ..Credentials captured in plaintext

    ..Internal and external vulnerabilities

  • There is no security ..!

  • I2. Insufficient Authentication/Authorization:

  • I2.Insufficient Authentication/Authorization

    ..Weak passwords

    ..Weak password recovery

    ..Poorly protected credentials

    ..Internal and external vulnerabilities

  • Still using the default passwords "admin" and "1234"

    Web interface accepts unlimited failed login attempts (no account lockout)
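The two weaknesses on this slide (factory-default passwords left in place, and a login form that never locks out) shown as working code. This is an added example, not code from the original deck: a small Python authenticator that refuses the vendor defaults, stores only salted PBKDF2 hashes and locks the account after repeated failures. The default-password list, the thresholds and the account names are constructed for the example.

```python
import hashlib
import hmac
import os
import time
from typing import Optional

# Factory defaults commonly shipped on devices (constructed list for this
# example; the slide names "admin" and "1234").
DEFAULT_PASSWORDS = {"admin", "1234", "password", "12345"}

MAX_FAILURES = 5          # failed attempts before lockout (assumed policy)
LOCKOUT_SECONDS = 300     # how long the account stays locked (assumed policy)


def hash_password(password: str, salt: Optional[bytes] = None):
    """Salted PBKDF2-SHA256; returns (salt, digest). The plaintext is never stored."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)
    return salt, digest


class Authenticator:
    """Hashed credentials, default-password refusal and per-account lockout."""

    def __init__(self):
        self._users = {}      # username -> (salt, digest)
        self._failures = {}   # username -> (failure count, locked_until)

    def set_password(self, user: str, password: str) -> None:
        # A device must not go online with a vendor default still in place.
        if password in DEFAULT_PASSWORDS or len(password) < 8:
            raise ValueError("default or too-short password rejected")
        self._users[user] = hash_password(password)

    def login(self, user: str, password: str, now: Optional[float] = None) -> str:
        """Return 'ok', 'denied' or 'locked'. `now` is injectable for testing."""
        now = time.time() if now is None else now
        count, locked_until = self._failures.get(user, (0, 0.0))
        if now < locked_until:
            return "locked"
        record = self._users.get(user)
        if record is None:
            # Burn the same PBKDF2 cost for unknown users so response time
            # does not reveal which usernames exist.
            hash_password(password, b"\x00" * 16)
            ok = False
        else:
            salt, digest = record
            ok = hmac.compare_digest(hash_password(password, salt)[1], digest)
        if ok:
            self._failures.pop(user, None)
            return "ok"
        count += 1
        if count >= MAX_FAILURES:
            self._failures[user] = (0, now + LOCKOUT_SECONDS)
            return "locked"
        self._failures[user] = (count, 0.0)
        return "denied"


if __name__ == "__main__":
    auth = Authenticator()
    auth.set_password("admin", "correct horse battery")
    for attempt in range(6):
        print(attempt + 1, auth.login("admin", "wrong"))
```

The lockout is per account; a real device should also rate-limit per source address so an attacker cannot use the lockout itself to deny the owner access.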

  • I3.Insecure Network Services:

  • I3.Insecure Network Services:

    .. Attack vulnerable network services

    .. Attack device itself

    .. Bounce attacks off of the device

    .. Buffer overflow attacks for Denial of Service

    .. Sniffers, fuzzers and scanners

  • Common Ports for Internet-facing Devices:

    Telnet -- 23

    FTP -- 21

    Finger -- 79

    TFTP -- 69 (UDP)

    SMB -- 445

  • Port scanning with nmap:

  • VNC related exploits and payloads:

  • Port Number: 8000

    Port Number: 1072
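The nmap scan the slides show as a screenshot, reduced to its essentials as an added Python example (not code from the original deck): a TCP connect scan with banner grabbing, plus a crude fingerprint of the greeting so a Telnet or FTP daemon is recognised even on a non-standard port such as 8000 or 1072. It runs offline against a constructed fake "device" service on loopback; the banner signatures are assumptions, not a real fingerprint database.

```python
import socket
import threading

# Ports from the slide's list plus the two screenshot ports.
COMMON_PORTS = [21, 23, 69, 79, 445, 8000, 1072]


def grab_banner(host, port, timeout=1.0):
    """TCP connect; return (is_open, banner) where banner is the first bytes sent."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.settimeout(timeout)
            try:
                data = s.recv(256)
            except socket.timeout:
                data = b""          # open but silent (e.g. HTTP waits for a request)
            return True, data.decode("latin-1").strip()
    except OSError:
        return False, ""            # refused, filtered or unreachable


def scan(host, ports, timeout=1.0):
    """Return {port: banner} for every port that accepts a connection."""
    result = {}
    for port in ports:
        is_open, banner = grab_banner(host, port, timeout)
        if is_open:
            result[port] = banner
    return result


def identify(banner: str) -> str:
    """Crude service fingerprint from the greeting (constructed signatures)."""
    if banner.startswith("SSH-"):
        return "ssh"
    if banner.startswith("220 ") or "FTP" in banner.upper():
        return "ftp"
    # Telnet servers open with IAC WILL/DO option negotiation or a login prompt.
    if banner.startswith("\xff\xfb") or banner.startswith("\xff\xfd") or "login:" in banner.lower():
        return "telnet"
    if banner.startswith("HTTP/"):
        return "http"
    return "unknown"


# --- constructed fake "device" so the scanner can be exercised offline ---
def start_fake_service(banner: bytes) -> int:
    """Listen on an ephemeral loopback port, send `banner` to each client; returns the port."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)

    def serve():
        while True:
            try:
                conn, _ = srv.accept()
            except OSError:
                return
            with conn:
                conn.sendall(banner)

    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]


if __name__ == "__main__":
    fake_port = start_fake_service(b"220 device FTP ready\r\n")
    for port, banner in scan("127.0.0.1", COMMON_PORTS + [fake_port]).items():
        print(port, identify(banner), repr(banner))
```

Cleartext management services found this way (Telnet, FTP, TFTP, Finger) are the ones the next slides are about: anything authenticated over them can be sniffed.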

  • I4 .Lack of Transport Encryption:

  • I4 . Lack of Transport Encryption:

    .. Easy viewing of unencrypted data passing between devices or over networks

    .. Traditional crypto vulnerabilities associated with SSL and TLS, i.e. Man-in-the-Middle attacks etc.

    .. A compromised transport layer means everything above it is vulnerable

  • An Example:
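What "easy viewing of unencrypted data" means in practice, as an added example (the slide's own screenshot is not part of the transcript): a Python parser that pulls credentials out of a captured HTTP stream the way a sniffer on the same network segment would. The capture is constructed for the example (an HTTP Basic header and a form login to a device web interface), not real traffic; the field names it looks for are assumptions.

```python
import base64
from urllib.parse import parse_qs

# Constructed capture of two requests to a device web interface over plain HTTP.
# Anyone on the path sees exactly these bytes.
CAPTURE = (
    b"GET /cgi-bin/status HTTP/1.1\r\n"
    b"Host: 192.0.2.10\r\n"
    b"Authorization: Basic YWRtaW46MTIzNA==\r\n"
    b"\r\n"
    b"POST /login.cgi HTTP/1.1\r\n"
    b"Host: 192.0.2.10\r\n"
    b"Content-Type: application/x-www-form-urlencoded\r\n"
    b"Content-Length: 29\r\n"
    b"\r\n"
    b"username=root&password=s3cret"
)


def split_requests(raw: bytes):
    """Yield (request_line, headers, body) for each HTTP request in a byte stream."""
    pos = 0
    while pos < len(raw):
        end = raw.find(b"\r\n\r\n", pos)
        if end == -1:
            return
        head = raw[pos:end].decode("latin-1").split("\r\n")
        request_line, header_lines = head[0], head[1:]
        headers = {}
        for line in header_lines:
            name, _, value = line.partition(":")
            headers[name.strip().lower()] = value.strip()
        length = int(headers.get("content-length", "0"))
        body_start = end + 4
        body = raw[body_start:body_start + length]
        yield request_line, headers, body
        pos = body_start + length


def extract_credentials(raw: bytes):
    """Return [(source, username, password), ...] recoverable from cleartext HTTP."""
    found = []
    for request_line, headers, body in split_requests(raw):
        auth = headers.get("authorization", "")
        if auth.lower().startswith("basic "):
            # Basic auth is base64, not encryption: one decode gives user:password.
            decoded = base64.b64decode(auth.split(None, 1)[1]).decode("latin-1")
            user, _, pw = decoded.partition(":")
            found.append(("basic-auth", user, pw))
        if headers.get("content-type", "").startswith("application/x-www-form-urlencoded"):
            form = parse_qs(body.decode("latin-1"))
            user = next((form[k][0] for k in ("username", "user", "login") if k in form), None)
            pw = next((form[k][0] for k in ("password", "pass", "pwd") if k in form), None)
            if user is not None and pw is not None:
                found.append(("form-post", user, pw))
    return found


if __name__ == "__main__":
    for source, user, pw in extract_credentials(CAPTURE):
        print(f"{source}: {user} / {pw}")
```

Over TLS the same two requests are opaque to the sniffer; the only remaining cleartext is the SNI hostname and the traffic size.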

  • I5 Privacy Concerns :

  • I5 Privacy Concerns:

    .. Insufficient authentication

    .. Lack of transport encryption and of encryption for stored data

    .. Insecure network services

    .. Collection of unnecessary personal data

  • Common error..?

  • What attacks are possible..?

  • I6.Insecure Cloud Interface:

  • I6 Insecure Cloud Interface:

    .. Insufficient authentication

    .. Lack of transport encryption and of encryption for stored data

    .. Attack likely from the Internet

    .. Easy-to-guess credentials

    .. Using the password reset mechanism to see if an account exists

    .. Identify if SSL/TLS is in use

    .. Account enumeration

  • Cloud login page .. I didn't test anything..?

  • I7.Insecure Mobile Interface:

  • I7.Insecure Mobile Interface:

    .. Account lockout mechanism

    .. Insufficient authentication

    .. Lack of transport encryption and of encryption for stored data

    .. Attack likely from the Internet

    .. Easy-to-guess credentials

    .. Using the password reset mechanism to see if an account exists

    .. Identify if SSL/TLS is in use

    .. Account enumeration
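Account enumeration through the password reset mechanism, which both the cloud-interface (I6) and mobile-interface (I7) slides list, shown as an added Python example (not code from the original deck). The leaky endpoint answers differently depending on whether the username exists, so a wordlist run against it confirms valid accounts; the hardened version gives one answer and does the same work either way. The user database, messages and mail queue are constructed for the example.

```python
import hashlib
import secrets

# Constructed user database: username -> e-mail. Not real accounts.
USERS = {"admin": "admin@example.com", "veera": "veera@example.com"}

# Stands in for the outbound mail queue (constructed).
SENT = []


def reset_vulnerable(username: str) -> str:
    """Distinct responses let anyone confirm which usernames exist."""
    if username not in USERS:
        return "No account with that username"
    SENT.append((USERS[username], secrets.token_urlsafe(32)))
    return "Password reset e-mail sent"


def enumerate_accounts(candidates, reset_endpoint):
    """The attacker side: feed a wordlist, keep every name the endpoint confirms."""
    return [u for u in candidates if reset_endpoint(u) == "Password reset e-mail sent"]


def reset_hardened(username: str) -> str:
    """Same response, and the same expensive step, whether or not the account exists."""
    token = secrets.token_urlsafe(32)
    # Hashing the token for storage is the costly part; do it in both branches so
    # response time does not differ by account existence either.
    token_hash = hashlib.pbkdf2_hmac("sha256", token.encode(), b"reset", 50_000)
    email = USERS.get(username)
    if email is not None:
        SENT.append((email, token_hash))
    return "If that account exists, a reset e-mail has been sent"


if __name__ == "__main__":
    wordlist = ["admin", "root", "veera", "user", "support"]
    print("leaky endpoint confirms:", enumerate_accounts(wordlist, reset_vulnerable))
    print("hardened endpoint confirms:", enumerate_accounts(wordlist, reset_hardened))
```

A uniform message is necessary but not sufficient: the same check has to be applied to the login and registration endpoints, and reset requests need per-address rate limiting so the endpoint cannot be used to flood a victim's inbox.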

  • Common Pattern Locks

  • I8.Insufficient Security Configurability:

  • I8.Insufficient Security Configurability:

    .. Lack of granular ability to configure authorizations.

    .. Weak passwords and credentials.

  • I9.Insecure Software/Firmware:

  • I9.Insecure Software/Firmware:

    .. Firmware updates that are not encrypted or signed

    .. Malicious updates (no verification of the publisher)

  • Publisher Not trusted..?

  • Firmware Update .. Is It Safe..?
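The "is the publisher trusted?" and "is the update safe?" questions on these two slides, answered in code as an added example (not code from the original deck): a firmware package format with a version, an image digest and an authentication tag, and the device-side check that refuses tampered images, packages from an unknown publisher, and rollback to an older version. The header layout and key are constructed for the example; the tag is an HMAC only so the example needs nothing outside the standard library. On a real device the tag is an asymmetric signature (Ed25519 or RSA) checked with a public key stored in the bootloader, so that the device never holds a secret that could sign updates.

```python
import hashlib
import hmac
import struct

# Header: magic(4) | version(u32 BE) | image_len(u32 BE) | sha256(32) | tag(32)
HEADER = struct.Struct(">4sII32s32s")
MAGIC = b"FWv1"

# Constructed vendor key. Stand-in for the vendor's signing key; see lead-in.
VENDOR_KEY = b"constructed-vendor-key-for-example"


class UpdateError(Exception):
    pass


def build_package(version: int, image: bytes, key: bytes = VENDOR_KEY) -> bytes:
    """Vendor side: header + tag over (header-without-tag || image) + image."""
    digest = hashlib.sha256(image).digest()
    unsigned = HEADER.pack(MAGIC, version, len(image), digest, b"\x00" * 32)[:-32]
    tag = hmac.new(key, unsigned + image, hashlib.sha256).digest()
    return HEADER.pack(MAGIC, version, len(image), digest, tag) + image


def verify_package(package: bytes, installed_version: int, key: bytes = VENDOR_KEY):
    """Device side: return (version, image) only if authentic, intact and newer."""
    if len(package) < HEADER.size:
        raise UpdateError("truncated header")
    magic, version, length, digest, tag = HEADER.unpack(package[:HEADER.size])
    if magic != MAGIC:
        raise UpdateError("bad magic")
    image = package[HEADER.size:HEADER.size + length]
    if len(image) != length:
        raise UpdateError("truncated image")
    # Authenticity first: every other field is attacker-controlled until the
    # tag checks out, so nothing below should be trusted before this line.
    expected = hmac.new(key, package[:HEADER.size - 32] + image, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        raise UpdateError("publisher not trusted: signature check failed")
    if hashlib.sha256(image).digest() != digest:
        raise UpdateError("image corrupted")
    # Anti-rollback: a validly signed but older image may carry known bugs.
    if version <= installed_version:
        raise UpdateError("rollback to older firmware refused")
    return version, image


def check_package(package: bytes, installed_version: int, key: bytes = VENDOR_KEY) -> str:
    """Convenience wrapper: 'ok' or the rejection reason."""
    try:
        verify_package(package, installed_version, key)
        return "ok"
    except UpdateError as e:
        return str(e)


if __name__ == "__main__":
    good = build_package(2, b"firmware image bytes")
    print(check_package(good, installed_version=1))
    print(check_package(good, installed_version=2))
    print(check_package(build_package(3, b"evil", key=b"attacker"), installed_version=1))
```

Encrypting the image hides its contents from someone who downloads the update; only the signature check stops someone from installing their own. A device that does the second without the first is still far better off than one that does the first without the second.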

  • I10. Poor Physical Security:

  • I10. Poor Physical Security

    USB, SD cards, other storage devices that give access to the Operating System

  • ?=

    An Example..

  • References ..!!

    1. https://www.owasp.org/index.php/Top_IoT_Vulnerabilities

    2. http://www.securityfocus.com/bid/70574

    3. http://internetofthingswiki.com/internet-of-things-definition/

    4. http://iotpentest.com/

    5. http://iotsecuritylab.com/