Explore the vulnerabilities of Cisco EnergyWise, a proprietary Energy Management Protocol, in this Black Hat conference talk. Delve into the architecture and protocol specification of EnergyWise, and learn how to reverse-engineer this closed-source system. Discover potential security risks, including the ability to hijack EnergyWise domains and perform DoS attacks. Gain insights into sniffing techniques, cracking secrets, and methods for blocking EnergyWise. Examine the broader implications of Energy Management Protocols in various environments, from office networks to data centers. Understand the potential for large-scale blackouts due to misconfigurations or exploitable vulnerabilities. Access a toolkit demonstrating the presented attacks and consider future developments in this critical area of network security.
Overview
Syllabus
Introduction
Agenda
Energy Management
Energy Management protocols
Cisco EnergyWise
Architecture
Demo
EnergyWise Attributes
Is EnergyWise Relevant
Reverse Engineering
Protocol Details
Results
Sniffing
Cracking the secret
Segmentation
Blocking EnergyWise
Future Work
Conclusion
Taught by
Black Hat
Related Courses
-
Hacking Mitsubishi PLC Without Access To Firmware
-
SMS to Meterpreter - Fuzzing USB Modems
-
ARP Vulnerabilities - Indefensible Local Network Attacks
-
Breaking the IIoT - Hacking Industrial Control Gateways
-
Rogue7 - Rogue Engineering-Station Attacks on S7 Simatic PLCs
-
Alarm.DISARM - Remotely Exploiting & Disarming Popular Physical Security System from Public Internet
