GreHack 2020: Reverse Engineering archeology - Shlomi Oberman, Moshe Kol and Ariel Schön

Ripple20 is a series of zero-day vulnerabilities discovered in a widely used low-level TCP/IP software library developed by Treck, Inc and disclosed by JSOF in June 2020. This session focuses on the original research process used to identify and pinpoint the Ripple20 vulnerabilities, their variants, and some attempts to piece together the historical timeline showing how the original software library changed over time. This was a complex process of reverse engineering multiple devices simultaneously, working in parallel on many different levels. In this session we will describe how we reverse engineered the devices simultaneously, using comparative techniques to confirm each point. We will explain an interesting outcome of the supply chain ripple effect, and how it is now possible to find a vulnerability affecting hundreds of devices for near zero effort.

https://grehack.fr/2020/program

Видео GreHack 2020: Reverse Engineering archeology - Shlomi Oberman, Moshe Kol and Ariel Schön канала GreHack