Explore the hidden vulnerabilities in proprietary network protocols through this insightful conference talk from AppSecEU 2014. Delve into the challenges of penetration testing specialized embedded software and thick clients with undocumented protocols. Learn a step-by-step approach to reverse engineering proprietary protocols, uncovering common security flaws like weak cryptography implementations, reversible hash algorithms, and lack of user authentication. Examine five real-world case studies from the financial industry that exemplify "security by obscurity," including home automation systems, embedded printing software, remote desktop protocols, and FOREX trading applications. Gain valuable insights from experienced IT security consultants on how to assess and improve the security of systems using proprietary protocols.
Overview
Syllabus
Jakub Kałużny, Sławomir Jasek - Shameful Secrets of Proprietary Network Protocols
Taught by
OWASP Foundation