Demo Labs - Cotopaxi

  • Demo Labs - Cotopaxi


    Target Audience: IoT, AppSec

    Detailed Explanation of Tool:
    Cotopaxi is a set of tools for security testing of Internet of Things devices using specific network IoT/IIoT/M2M protocols (e.g. AMQP, CoAP, MQTT, DTLS, mDNS, QUIC).

    These tools will be used by penetration testers and/or security researchers to identify IoT services and verify security vulnerabilities or misconfigurations.

    Based on recent publications, including a report from Trend Micro (https://www.trendmicro.com/vinfo/us/...tion-protocols), new IoT protocols are widely used both in public networks and in industrial environments. Unfortunately, in most cases those servers are not configured properly or use outdated components.

    Currently available tools used for security testing, like nmap or OpenVAS, do not support all new IoT protocols (e.g. AMQP, CoAP, MQTT, DTLS, mDNS, QUIC).

    So the possibilities to test IoT products and discover such devices in tested networks are limited. We are working to fill this gap with the Cotopaxi toolkit.

    Main features of our toolkit are:
    - Checking availability of network services for supported IoT protocols at given IPs and port ranges ("service ping"),
    - Recognizing the software used by remote network server ("IoT software fingerprinting") based on responses for given messages using machine learning classifier,
    - Discovering resources identified by given URLs ("dirbusting" of URLs) - currently supported only for CoAP,
    - Performing black-box fuzzing of IoT protocols based on corpus of packets prepared using coverage-based fuzzer,
    - Identifying known vulnerabilities in CoAP, MQTT, DTLS, mDNS servers (14 vulnerabilities will be released in the first version, some of which are currently being responsibly disclosed),
    - Detecting network traffic amplification (cases where network servers are responding with larger network messages than received requests). This feature is supported only for UDP-based protocols: CoAP, mDNS and DTLS.

    New features in release for August 2020:
    - support for new protocols: AMQP, MQTT-SN, QUIC,
    - support for Python3.

    Short Developer Bio:
    Jakub Botwicz works as a Principal Security Engineer at Samsung Poland R&D Center leading a team of security researchers. He has more than 15 years of experience in information security and previously worked in one of the world's leading payment card service providers, Big4 consulting company and vendor of network encryption devices.
    Jakub holds a PhD degree from Warsaw University of Technology and security community certificates including: GWAPT, CISSP, ECSA.
    Currently, he works providing security assessments (static and dynamic analysis) of different mobile and IoT components.
    PGP key: dtangent@defcon.org valid 2020 Jan 15, to 2024 Jan 01 Fingerprint: BC5B CD9A C609 1B6B CD81 9636 D7C6 E96C FE66 156A
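
The traffic amplification check listed among the toolkit's features, sketched as an added example that is not part of the original post and is not Cotopaxi's own code: it builds a CoAP GET for `/.well-known/core` per RFC 7252 and reports the response-to-request size ratio for a server you operate. All function names are hypothetical, and the loopback responder with its 100-byte body is constructed so the block runs offline.

```python
import socket, struct, threading

URI_PATH = 11  # CoAP option number for Uri-Path (RFC 7252)

def coap_get(path, msg_id=0x1234):
    """Build a confirmable CoAP GET with one Uri-Path option per path segment."""
    pkt = struct.pack("!BBH", 0x40, 0x01, msg_id)  # ver=1, CON, TKL=0; code 0.01
    prev = 0
    for seg in path.strip("/").encode().split(b"/"):
        delta, prev = URI_PATH - prev, URI_PATH
        if len(seg) < 13:
            pkt += bytes([(delta << 4) | len(seg)]) + seg
        else:  # extended length byte covers segments of 13..268 bytes
            pkt += bytes([(delta << 4) | 13, len(seg) - 13]) + seg
    return pkt

def amplification_factor(host, port, request, timeout=2.0):
    """Return len(response)/len(request), or None if nothing came back."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(request, (host, port))
            reply, _ = s.recvfrom(65535)
        except OSError:  # timeout or ICMP port unreachable
            return None
    return len(reply) / len(request)

def start_test_server(body):
    """Constructed loopback responder: one ACK 2.05 Content carrying `body`."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    srv.bind(("127.0.0.1", 0))
    def serve():
        data, peer = srv.recvfrom(65535)
        ack = struct.pack("!BB", 0x60, 0x45) + data[2:4]  # echo the message ID
        srv.sendto(ack + b"\xff" + body, peer)  # 0xFF marks start of payload
        srv.close()
    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]

def demo():
    body = b"</r>," * 20  # constructed 100-byte link-format listing
    port = start_test_server(body)
    request = coap_get("/.well-known/core")
    return len(request), amplification_factor("127.0.0.1", port, request)

if __name__ == "__main__":
    size, factor = demo()
    print(f"request={size} B, amplification factor={factor:.1f}")
```

A factor well above 1 on an Internet-reachable UDP service is the condition the feature description refers to; restricting who can reach the service or trimming what the resource listing returns lowers it.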