OWASP Presentation on Penetration Testing Embedded Devices

By Paladion

December 31, 2007

Last week, we discussed penetration testing embedded systems - the process we follow when we test the security of embedded devices.

Adrian Pastor gave a nice presentation at the OWASP London Chapter on the typical flaws found when testing embedded devices like routers. Adrian focuses on the web interface that is available on most routers today. He shows how CSRF and XSS are attacks that many routers are vulnerable to. The presentation (2.4 MB) is available for download at the OWASP site. Though we can't see the demos (this is a pdf file, and not a video), the slides are sufficiently descriptive to get his drift. Thanks Adrian!

Tags: Uncategorized