IoT Insecurity of Things?



Your Security is Our Success

March 2017 -

Luis Enrique Benitez

IoT


3 © Internet Security Auditors

Luis Enrique Benitez

Quality Manager - Ethical Hacking & Vulnerability Assessment

https://www.linkedin.com/in/luisbenitezj


LG 43uf6407

LG 43" LED TV, 4K resolution, IPS panel, 900 Hz PMI, Smart TV (webOS 2.0)

SAMSUNG UE32F5500AW


OKI Sb Media Player 1g sound bar

Full HD 1080p, high-definition DTT tuner, Dolby sound system, dock for iPod / iPhone. Internet connection via cable or Wi-Fi

Panasonic TX-40CX680E

40" LED TV - Panasonic TX-40CX680E, 4K Ultra HD, Firefox OS, Quad Core


Samsung UE32F5500AW

Port    Service   Version
80      http      Samsung Swift httpd 1.0
443     http      Samsung Swift httpd 1.0
4443    Pharos
6000    X11
7676    upnp      AllShare UPnP
52345   http      Samsung AllShare http
55000   unknown


LG 43uf6407

10107 (4) - HTTP Server Type and Version

Linux/i686 UPnP/1,0 DLNADOC/1.50 LGE WebOS TV/Version 0.9

friendlyName:[LG] webOS TV UF6407

manufacturer:LG Electronics.

manufacturerURL:http://www.lge.com

modelDescription:LG WebOSTV DMRplus

modelName:LG TV


LG 43uf6407

Port    Service     Version
1113    upnp
1672    upnp
2026    upnp
2043    upnp
3000    http        LG Smart TV http service
3001    http        LG Smart TV http service
7778    Interwise
9955    Unknown
9998    http        LG television page list http
18181   Opsec-cvp
36866   Unknown
43035
43036
43037
43038


LG 43uf6407

http://192.168.88.246:3000/

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Date: Wed, 06 Jul 2016 10:18:13 GMT
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
Server: Golfe2
Content-Length: 35
Cache-Control: no-cache, no-store, must-revalidate
Age: 282559


Panasonic TX-40CX680E

58662 - Samba 3.x < 3.6.4 / 3.5.14 / 3.4.16 RPC Multiple Buffer Overflows

90508 - Samba 3.x < 4.2.10 / 4.2.x < 4.2.10 / 4.3.x < 4.3.7 / 4.4.x < 4.4.1 Multiple Vulnerabilities


57825 (1) - PHP 5.3.9 'php_register_variable_ex()' Code Execution (banner check)

58987 (1) - PHP Unsupported Version Detection

60085 (1) - PHP 5.3.x < 5.3.15 Multiple Vulnerabilities

18037 (1) - XAMPP Default FTP Account

58183 (1) - Dropbear SSH Server Channel Concurrency Use-after-free Remote Code Execution

58988 (1) - PHP < 5.3.12 / 5.4.2 CGI Query String Code Execution

42263 (1) - Unencrypted Telnet Server

73289 (1) - PHP PHP_RSHUTDOWN_FUNCTION Security Bypass

34324 (1) - FTP Supports Cleartext Authentication


OKI Sound 1G

Port    Service           Version
21      FTP               Pure-FTPd
22      SSH               Dropbear ssh 0.52 (protocol 2.0)
23      Telnet
80      http              Lighttpd
81      http              BusyBox http
7171
8082    Blackice-Alerts
9010    SDR
9020    Tambora


Channel                  IP
Atreserie                52.28.85.115
BeMad                    54.231.134.36
Discovery Max            46.31.56.161
La sexta HD              8.254.98.126
La sexta                 8.254.98.126
Energy                   54.231.134.100
Boing                    54.231.134.100
La 1                     72.247.210.17
La 2                     72.247.210.17
24h                      72.247.210.17
Clan                     72.247.210.17
TV3 HD                   8.254.36.126
Telecinco                54.231.136.13
Cuatro                   54.231.136.13
Cuatro HD                54.231.140.77
TV20 Terrassa            85.25.218.231
tdp                      72.247.210.10
tdp HD                   72.247.210.10
TV3                      8.254.50.126
Super 3/33               137.117.170.224
3/24                     8.254.50.126
Esport3                  8.254.50.126
Canal Terrassa Valles    92.54.15.210
Disney Channel           46.31.56.161
Paramount Channel        46.31.56.161
FDF                      54.231.136.13
Diviniti                 54.231.140.77
Telecinco HD             54.231.140.77


Channel

Antena3

Antena3 HD

Neox

Nova

Mega

13TV

8TV

Barça TV

RAC105

EL PUNT AVUI

MOLA TV

TV SANT CUGAT

DKISS

TEN

IB3 GLOBAL

Real Madrid TV


Channel        C
Telecinco      1
Cuatro         2
FDF            3
Diviniti       4
Telecinco HD   5
Cuatro HD      6

http://beacon.hbbtv.mediaset.es/topics/test?c=1|B49E0ABB9570335EB4A 64895EFA14CCB|k|{%22keyset%22:{%22ALPHA%22:512,%22BLUE%22:8,% 22GREEN%22:2,%22INFO%22:128,%22NAVIGATION%22:16,%22NUMERIC %22:256,%22SCROLL%22:64,%22VCR%22:32,%22RED%22:1,%22value%22: 0,%22YELLOW%22:4},%22currentChannel%22:{%22channelType%22:0,%22 ccid%22:%22ccid:23%22,%22dsd%22:%22Z\u000b\u0004)\u0010@\u001f %C2%81;%C3%BF%C3%BF%C3%BF%C3%BF%22,%22name%22:%22Telecin co%22,%22onid%22:8916,%22sid%22:186,%22tsid%22:16},%22channelList %22:%22Channel%20list%20items:%201:%20atreseries%20HD,%202:%20B eMad%20tv%20HD,%203:%20Realmadrid%20TV%20HD,%204:%20antena3 %20HD,%205:%20antena3,%206:%20laSexta%20HD,%207:%20laSexta,%20 8:%20neox,%209:%20nova,%2010:%20Energy,%2011:%20Boing,%2012:%2 0mega,%2013:%2013%20Tv%20Definitivo,%2014:%20La%201,%2015:%20L a%202,%2016:%2024h,%2017:%20Clan,%2018:%20La%201%20HD.,%2019 :%208TV,%2020:%20Bar%C3%A7a%20TV,%20%22}

Request

Host: beacon.hbbtv.mediaset.es
Origin: http://hbbtv.mediaset.es
Accept-Language: en-us, en, fr, it
User-Agent: Mozilla/5.0 (Unknown; Linux armv7l) AppleWebKit/537.1+ HbbTV/1.2.1 (+DRM; LGE; WEBOS2.0; 03.11.00; HE_DTV_W15B;)
Referer: http://hbbtv.mediaset.es/hbbtv.xhtml?c=1
Accept: */*
Accept-Encoding: gzip, deflate
Connection: close

Group of channels that sends information constantly (every 4 seconds).

Among the data it sends is the TV's channel list and the order in which the user has arranged it.


Update...
