November 16
13:00 — 13:30
Ins and outs of Cisco ASA debugging
Nowadays, Cisco device vulnerability research is not just important but
beneficial (in financial meaning) for a bug hunter. Cisco bug bounty
program is in 4th position of ‘Top 30 Bug Bounty Programs in 2018’
due to www.guru99.com/bug-bounty-programs.html.
However, necessary hardware version of Cisco firewall device is not always accessible for average researcher, and even if this is not the case — what to begin with?
We’ll share our experience, knowledge and issues we faced with during Cisco ASA debug. Despite there is a decent number of articles about mentioned topic on the Internet, there are also several caveats found on practical appliance of described methodologies. Based on CVE-2016-1287 (Cisco ASA Software IKEv1 and IKEv2 Buffer Overflow Vulnerability) we’ll describe main difference between x86 and x64 architecture. We’ll show how and what tools to use during debug environment setup.
However, necessary hardware version of Cisco firewall device is not always accessible for average researcher, and even if this is not the case — what to begin with?
We’ll share our experience, knowledge and issues we faced with during Cisco ASA debug. Despite there is a decent number of articles about mentioned topic on the Internet, there are also several caveats found on practical appliance of described methodologies. Based on CVE-2016-1287 (Cisco ASA Software IKEv1 and IKEv2 Buffer Overflow Vulnerability) we’ll describe main difference between x86 and x64 architecture. We’ll show how and what tools to use during debug environment setup.