YoVDO

Do Not Trust the ASA, Trojans

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Network Security Courses Metasploit Courses

Course Description

Overview

Explore new vulnerabilities affecting Cisco ASA and ASA-X firewalls in this Black Hat conference talk. Delve into the security implications of these widely deployed network infrastructure components, which are relied upon to protect internal networks from external threats. Discover how these firewalls have become targets for exploitation by advanced persistent threats (APTs) like the Equation Group. Learn about the Adaptive Security Device Manager (ASDM), its binary package format, and the CVE-2022-20829 vulnerability related to missing package verification. Gain insights into building and generating malicious ASDM binary packages, exploiting the expert command for root shell access, and understanding the implications of these vulnerabilities. Examine the FirePOWER module installation process, methods to access the boot image shell, and techniques for creating malicious install packages. This presentation provides valuable information for security professionals and network administrators concerned with protecting their organizations from potential firewall vulnerabilities and exploits.

Syllabus

Intro
Adaptive Security Appliance (ASA)
black hat Adaptive Security Device Manager (ASDM)
Understanding ASDM Starting ASDM Client Overview
ASDM Binary Package Format
Missing ASDM Package Verification (CVE-2022-20829)
Building Cisco ASDM Binary Packages
Generating Malicious ASDM Binary Packages
Malicious Cisco ASA
expert Command Yields Root Shell
An Attacker's Dream
Disable Root Shell via lockdown-sensor
ASDM Cannot Access the Root Shell
Metasploit ASDM Brute-Force Module
FirePOWER Module Installation
Drop to the FirePOWER Boot Image Shell
Metasploit FirePOWER Boot Image Root Shell Module
FirePOWER Module Unsigned Install Package
Create Malicious Install Packages


Taught by

Black Hat

Related Courses

Attack on Titan M, Reloaded - Vulnerability Research on a Modern Security Chip
Black Hat via YouTube
Attacks From a New Front Door in 4G & 5G Mobile Networks
Black Hat via YouTube
AAD Joined Machines - The New Lateral Movement
Black Hat via YouTube
Better Privacy Through Offense - How to Build a Privacy Red Team
Black Hat via YouTube
Whip the Whisperer - Simulating Side Channel Leakage
Black Hat via YouTube