Botnets
July 20, 2014
Hack WhatsApp Account
July 20, 2014

Phlashing-PDOS

File illustration picture of a projection of binary code around the shadow of a man holding a laptop computer in an office in Warsaw June 24, 2013. An encrypted email service believed to have been used by American fugitive Edward Snowden shut down abruptly August 8, 2013, amid a legal fight that appeared to involve U.S. government attempts to win access to customer information. Lavabit LLC owner Ladar Levison said he has decided to "suspend operations" but was barred from discussing the events over the past six weeks that led to his decision. That matches the period since Snowden went public as the source of media reports detailing secret electronic spying operations by the U.S. National Security Agency. The U.S. Department of Justice had no immediate comment. TO GO WITH STORY USA-SECURITY/SNOWDEN-EMAIL REUTERS/Kacper Pempel/Files (POLAND - Tags: SCIENCE TECHNOLOGY BUSINESS POLITICS TPX IMAGES OF THE DAY)

A permanent Denial Of Service (PDOS), also known as “Phlashing”. It’s an attack that damages a system so badly that it requires replacement or reinstallation of hardware. Phlashing used for hardware attack. Unlike the distributed denial-of-service attack, a PDoS attack exploits security flaws which allow remote administration on the management interfaces of the victim’s hardware, such as routers, printers, or other networking hardware. The attacker uses these vulnerabilities to replace a device’s firmware with a modified, corrupt, or defective firmware image a process which when done legitimately is known as flashing. This therefore “bricks” the device, rendering it unusable for its original purpose until it can be repaired or replaced.

The PDOS is a pure hardware targeted attack which can be much faster and requires fewer resources than using a botnet in a DDoS attack. Because of these features, and the potential and high probability of security exploits on Network Enabled Embedded Devices (NEEDs), this technique has come to the attention of numerous hacker communities. PhlashDance is a tool created by Rich Smith (an employee of Hewlett-Packard’s Systems Security Lab) used to detect and demonstrate PDoS vulnerabilities at the 2008 EUSecWest Applied Security Conference in London. Smith said remotely abusing firmware update mechanisms with a Phlashing attack, for instance, is basically a one-shot attack. “Phlashing attacks can achieve the goal of disrupting service without ongoing expense to the attacker; once the firmware has been corrupted, no further action is required for the DOS condition to continue,”

An attacker could use remote firmware update paths in network hardware, which are often left unprotected, to deliver corrupted firmware and flash this to the device. As a result, the device would become unusable.

 

Comments are closed.