Stepping P3wns - Adventures in Full-Spectrum Embedded Exploitation and Defense

Explore a comprehensive presentation on exploiting and defending networked embedded devices like printers, phones, and routers. Witness two live demonstrations: a proof-of-concept embedded worm capable of stealthy, autonomous polyspecies propagation, and host-based embedded defense techniques called Symbiotes. Learn about 0-day vulnerabilities, stealthy network access, and autonomous reconnaissance. Discover how attackers can compromise significant portions of victim networks without targeting general-purpose computers. Observe the injection of Software Symbiotes into vulnerable devices and their effectiveness in detecting, alerting, and mitigating malicious implants. Gain insights into the scalability and integration of Symbiote protection with existing enterprise endpoint systems. Delve into previously disclosed vulnerabilities in Cisco IOS, HP printers, and Cisco IP phones, and explore the concept of polyspecies malware propagation.