Cisco ASA Episode 2 - Striking Back - Internals and Mitigations
Offered By: 44CON Information Security Conference via YouTube
Course Description
Overview
Delve into the intricacies of Cisco ASA firewalls in this 51-minute conference talk from 44CON 2017. Explore previously unpublished details of ASA internals, reverse engineering techniques, and custom-developed tools for exploit production. Learn about the generalization of exploits to cover over 100 ASA versions and achieve 100% reliability. Gain insights into firmware analysis, filesystem access, branch understanding, and the challenges of debugging the "lina" process. Discover the architecture of asadbg and its automation capabilities, along with a statistics script for vulnerability assessment. Examine secure boot considerations and engage in a Q&A session to further expand your knowledge of Cisco ASA security.
Syllabus
Intro
Cisco ASA devices
Cisco ASA 5505
Emulating ASA
Previous work
Presentation's goals
Getting firmware
Accessing the filesystem
Understanding branches
Still patched?
Reversing "lina"
Painful debugging (video)
Debugging FTW
"Pleasant" debugging
Analyzing heap internals
asadbg architecture
asadbg automation (video)
Statistics script
Secure boot?
Conclusion
Questions?
Taught by
44CON Information Security Conference
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network