Risky Business #162 -- Pwning the Mars Rover with H D Moore
Fri, 08/06/2010 - 17:00
On this week's show chat to H D Moore about his research into the security -- or lack thereof -- of the VxWorks embedded operating system.
H D did a presentation at the Security B-Sides event that ran concurrently with Black Hat in Las Vegas. As it turns out VxWorks is used in a lot of places and the people who put it together suck at maths.
People who suck at maths write bad hashing algos. Really.
We'll also have a chat with Ron Gula of Tenable Network Security in this week's sponsor interview, and of course, Adam Boileau stops by for a chat about the week's news headlines.
Mon, 08/09/2010 - 11:32
#2
Nice discussion on LI and BB
Nice discussion on LI and BB crypto.
So, it's the late 90's and NASA had landed their first next-gen Mars rover. The web was new, exciting and deemed a great way for NASA to share to the world.
Too bad they didn't do any security.
I hit the page NASA offered and after some time, decided to play. So I started to "jump" their directory structure. Remember, in the old daze, Apache mapped directory structure to their HTML interface. So... I backed up a couple of directories, just curious mind you, just to see what else they might have. I got some links from those directories that redirected me to I believe JPL (it's been over 13 years. I forget). Some more directory jumping gave me a web page that was... strange. LOTS of Java, and a top-down view of the rover, with what looked like a pathing waypoints (bots in 1st-person shooters use this) to drive the rover to it's next-day destination.
So... I did what any geek would do. I dragged the points a bit to make a better path.
The next day, NASA announced that they had communication problems with their rover and were working to fix it. For some reason, that Java page that I had bookmarked never came back up after that.
So... I dunno. I might have gained control of that rover. Or maybe not, it all could be coincidence.