28C3 - Version 2.3.5

28th Chaos Communication Congress
Behind Enemy Lines

Day Day 3 - 2011-12-29
Room Saal 2
Start time 16:00
Duration 00:30
ID 4656
Event type Lecture
Track Hacking
Language used for presentation English

Ooops I hacked my PBX

Why auditing proprietary protocols matters

This talk is cautionary tale about developers forgetting to remove debug interfaces from finished products and the need of repetitive system reviews. A midrange PBX systems (non web) configuration interface is used as an example of what flaws you can actually find in commercial systems.

The Idea behind this talk is to give you an idea what can happen when developers do not audit their code on regular basis. It is not meant to make anybody laugh at another ones stupidity but as a reminder what could happen to YOU if you're a developer.
As an example of what could possibly go wrong, a problem in the way the configuration interface is authenticating its administrators on a PBX is used. It is about dissecting a proprietary TCP/IP based protocol used to configure telephones with system integration through the PBX and unexpectedly finding a flaw which not only allows to modify configuration of phones but also manipulate the PBX. The even bigger oversight was that all communication is possible without using any authentication. It is also a little bit about protocol design and some (false) assumptions still made when when preparing an impending product launch.

But for the sake of honesty: No names and no brands will be given, the talk is based upon a true example but because of responsible disclosure procedures not all information will be released to the public.

Archived page - Impressum/Datenschutz