Thursday, March 28, 2024

Metasploit Can Be Directly Used For Hardware Penetration Testing Now

Security researchers and penetration testers have long used the open source Metasploit Framework to probe for vulnerabilities, run exploits, and simulate real-world attacks against software and networks.

Rapid7 has added a hardware bridge to the Metasploit penetration testing framework, making it easier for users to analyze Internet of Things (IoT) devices.

IoT is growing fast: more than 20 billion Internet of Things (IoT) devices were expected to be online by 2020. IoT devices not only create new opportunities for attackers to invade networks and steal information; they can also be hacked to gain access to physical spaces and assets, or even to cause harm to users.

As users become more dependent on the functionality of connected devices, the risk represented by loss of use or corrupted use becomes even greater.

Rapid7 announced the availability of a new Hardware Bridge API for Metasploit that extends the tool’s capabilities into the hardware realm.

Rapid7's researchers said: "The Hardware Bridge API extends Metasploit's capabilities into the physical world of hardware devices. Much in the same way that the Metasploit framework helped unify tools and exploits for networks and software, the Hardware Bridge looks to do the same for all types of hardware."

How does it work?

There are two ways to connect a physical device to Metasploit:

  1. Build support directly into your firmware to make the device Metasploit compatible, or
  2. Create a relay service.

A relay service is required if your device has no natural way to communicate over Ethernet. Many useful hardware tools, such as Software Defined Radio (SDR) devices, are controlled solely through a USB port.

The first release of the Metasploit hardware bridge ships with support for SocketCAN. On a Linux system with a CAN bus sniffer that supports SocketCAN, you can get started without anything else.

The CAN bus is exposed to Metasploit through the local_hwbridge auxiliary module, which can run either on the local machine or on a remote one.

Once the hardware is attached to the system running Metasploit, the module automatically detects any SocketCAN interfaces. In the test described here, the setup was run against a vehicle's CAN bus.

Next, connect to a relay or to a supported piece of hardware to establish an HWBridge session.

Once the connection to the relay is made, an HWBridge session is established, and you can open that session and interact with the CAN buses through Meterpreter.
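The steps above hide what local_hwbridge actually touches. As an added example (not Rapid7's code), the following Ruby shows the three low-level pieces a SocketCAN bridge deals with: finding CAN interfaces through sysfs (Linux reports link type 280, ARPHRD_CAN, for them), packing and unpacking the 16-byte Linux struct can_frame that a raw PF_CAN socket reads and writes, and building one OBD-II request and decoding its reply so the bytes on the bus are visible. The OBD-II IDs and PID used (functional request on 0x7DF, replies on 0x7E8-0x7EF, coolant temperature PID 0x05) are standard ISO 15765-4 values; the sysfs root parameter and the constructed sample frames are there only so the functions can be exercised without a vehicle.

```ruby
# Added example (not Rapid7's code): find SocketCAN interfaces the way a local
# bridge would, pack/unpack Linux struct can_frame, and build/decode a simple
# OBD-II (ISO 15765-4) request so the raw bytes on the bus are visible.
require 'fileutils'
require 'tmpdir'

ARPHRD_CAN   = 280          # link type reported in /sys/class/net/<if>/type for CAN
CAN_EFF_FLAG = 0x8000_0000  # set in can_id for extended (29-bit) frames
CAN_SFF_MASK = 0x7FF
CAN_EFF_MASK = 0x1FFF_FFFF
OBD_REQUEST_ID   = 0x7DF    # functional (broadcast) OBD-II request ID
OBD_RESPONSE_IDS = (0x7E8..0x7EF)

# Names of interfaces whose link type is CAN (can0, vcan0, ...). The sysfs root
# is a parameter only so the function can be exercised on a constructed tree.
def socketcan_interfaces(sys_net = '/sys/class/net')
  return [] unless File.directory?(sys_net)
  Dir.children(sys_net).select do |name|
    type_file = File.join(sys_net, name, 'type')
    File.file?(type_file) && File.read(type_file).strip.to_i == ARPHRD_CAN
  end.sort
end

# struct can_frame is 16 bytes: u32 can_id (native endian), u8 dlc, 3 bytes of
# padding, then 8 data bytes. That is what a raw PF_CAN socket reads and writes.
def pack_can_frame(can_id, data, extended: false)
  data = data.b
  raise ArgumentError, 'CAN data is at most 8 bytes' if data.bytesize > 8
  id = extended ? ((can_id & CAN_EFF_MASK) | CAN_EFF_FLAG) : (can_id & CAN_SFF_MASK)
  [id, data.bytesize, data].pack('LCx3a8')
end

def unpack_can_frame(bytes)
  raise ArgumentError, 'struct can_frame is 16 bytes' unless bytes.bytesize == 16
  raw_id, dlc, data = bytes.unpack('LCx3a8')
  extended = (raw_id & CAN_EFF_FLAG) != 0
  dlc = [dlc, 8].min # never trust a DLC read off the wire
  { id: raw_id & (extended ? CAN_EFF_MASK : CAN_SFF_MASK),
    extended: extended, dlc: dlc, data: data.byteslice(0, dlc) }
end

# can-utils style text ("7DF#0201050000000000"), the form cansend/candump use.
def to_cansend(frame)
  width = frame[:extended] ? 8 : 3
  format("%0#{width}X#%s", frame[:id], frame[:data].unpack1('H*').upcase)
end

# OBD-II mode 01 request as a single ISO-TP frame: [len, mode, pid] padded to 8 bytes.
def obd_pid_request(mode, pid)
  pack_can_frame(OBD_REQUEST_ID, [0x02, mode, pid, 0, 0, 0, 0, 0].pack('C*'))
end

# Decode a coolant-temperature reply (mode 0x41, PID 0x05): temp = A - 40 degC.
def decode_coolant_temp(frame)
  return nil unless OBD_RESPONSE_IDS.cover?(frame[:id]) && frame[:dlc] >= 4
  len, mode, pid, a = frame[:data].unpack('C4')
  return nil unless len == 3 && mode == 0x41 && pid == 0x05
  a - 40
end

if __FILE__ == $PROGRAM_NAME
  puts "SocketCAN interfaces: #{socketcan_interfaces.inspect}"
  puts "request: #{to_cansend(unpack_can_frame(obd_pid_request(0x01, 0x05)))}"
end
```

On a Linux box with a vcan interface (`ip link add dev vcan0 type vcan && ip link set up vcan0`) the first line of output lists it, and the printed request can be replayed with `cansend vcan0 7DF#0201050000000000` while `candump vcan0` shows the frame; actually writing frames from Ruby needs a raw PF_CAN socket, which is exactly the part local_hwbridge wraps for you.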

To connect an SDR device like this to Metasploit, the machine the SDR is attached to runs a relay service. The relay exposes a REST API, the details of which can be found here: Metasploit Hardware Bridge API.
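What such a relay looks like in practice, as an added example that is not Rapid7's relay code: a small Ruby service that wraps a USB-attached CAN tool and answers the kind of JSON requests a Hardware Bridge client makes. The endpoint names (/status, /statistics, /automotive/supported_buses, /automotive/<bus>/cansend) follow the structure of the published Hardware Bridge API, but treat the exact paths and field names as an assumption to be checked against the current spec before pointing Metasploit at it. FakeCanDevice is a constructed stand-in for the real USB driver. The point a practitioner should take from it is in cansend: every parameter from the network is validated before it reaches the bus, and the HTTP listener binds to loopback because the API carries no authentication.

```ruby
# Added example (not Rapid7's relay): a minimal HWBridge-style relay that
# exposes a USB-attached CAN tool over HTTP/JSON. Endpoint names follow the
# published Hardware Bridge API but are an assumption to verify against the spec.
require 'json'
require 'socket'
require 'uri'

# Constructed stand-in for the real USB device driver; it only records frames.
class FakeCanDevice
  attr_reader :sent
  def initialize
    @sent = []
  end

  def buses
    ['can0']
  end

  def cansend(bus, id, data)
    @sent << [bus, id, data]
  end
end

class HwBridgeRelay
  def initialize(device)
    @device = device
    @started = Time.now
    @packets_sent = 0
    @errors = []
  end

  # Route one request; returns [http_status, body_hash]. Free of socket code so
  # it can be tested directly.
  def handle(method, raw_path)
    return [405, { 'error' => 'GET only' }] unless method == 'GET'
    uri = URI.parse(raw_path)
    params = URI.decode_www_form(uri.query.to_s).to_h
    case uri.path
    when '/status'
      [200, { 'operational' => 1, 'hw_specialty' => { 'automotive' => true },
              'hw_capabilities' => { 'can' => true }, 'api_version' => '0.0.1',
              'last_10_errors' => @errors.last(10) }]
    when '/statistics'
      [200, { 'uptime' => (Time.now - @started).to_i, 'packet_stats' => @packets_sent }]
    when '/automotive/supported_buses'
      [200, { 'buses' => @device.buses.map { |b| { 'bus_name' => b } } }]
    when %r{\A/automotive/([^/]+)/cansend\z}
      cansend(Regexp.last_match(1), params)
    else
      [404, { 'error' => "no such endpoint #{uri.path}" }]
    end
  rescue URI::InvalidURIError, ArgumentError
    [400, { 'error' => 'malformed request' }]
  end

  # Tiny HTTP loop so curl or Metasploit's auxiliary/client/hwbridge/connect can
  # drive the relay. Bind to loopback: the API is unauthenticated and hands raw
  # bus access to anyone who can reach it.
  def serve(host = '127.0.0.1', port = 8080)
    server = TCPServer.new(host, port)
    loop do
      client = server.accept
      request_line = client.gets
      if request_line.nil?
        client.close
        next
      end
      method, path, = request_line.split(' ')
      loop { line = client.gets; break if line.nil? || line.strip.empty? } # drop headers
      status, body = handle(method, path.to_s)
      json = JSON.generate(body)
      client.write("HTTP/1.1 #{status}\r\nContent-Type: application/json\r\n" \
                   "Content-Length: #{json.bytesize}\r\nConnection: close\r\n\r\n#{json}")
      client.close
    end
  end

  private

  # Nothing from the client touches the bus unvalidated: the ID must be hex and
  # fit in 29 bits, the payload an even-length hex string of at most 8 bytes.
  def cansend(bus, params)
    unless @device.buses.include?(bus)
      @errors << "unknown bus #{bus}"
      return [404, { 'error' => "unknown bus #{bus}" }]
    end
    id = begin
      Integer(params.fetch('id', ''), 16)
    rescue ArgumentError
      nil
    end
    data = params.fetch('data', '')
    if id.nil? || !id.between?(0, 0x1FFF_FFFF) || !data.match?(/\A(?:\h\h){0,8}\z/)
      @errors << "rejected cansend #{params.inspect}"
      return [400, { 'error' => 'id must be hex <= 1FFFFFFF, data <= 8 hex bytes' }]
    end
    @device.cansend(bus, id, [data].pack('H*'))
    @packets_sent += 1
    [200, { 'success' => true }]
  end
end

HwBridgeRelay.new(FakeCanDevice.new).serve if __FILE__ == $PROGRAM_NAME
```

Run it and `curl 'http://127.0.0.1:8080/automotive/can0/cansend?id=7DF&data=0201050000000000'` returns `{"success":true}`, while a request with a malformed ID or a 9-byte payload gets a 400 and lands in last_10_errors on /status. Swapping FakeCanDevice for a class that writes to the real USB tool is the only change needed for actual hardware; an SDR would be exposed the same way, with its own commands behind device-specific endpoints rather than the automotive ones.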

The initial release of the hardware bridge will focus on automotive capabilities, with extensions into other hardware verticals expected throughout the year, and joins a growing library of modules that target embedded, industrial, and hardware devices.

According to Rapid7, the initial sample modules provide capabilities for the Controller Area Network (CAN bus), with other bus systems, such as K-Line, planned to follow. Metasploit also already includes a number of industrial control exploits for SCADA systems, along with related auxiliary modules.

In addition to helping streamline vulnerability testing, the new capability will enable users to:

  • Conduct comprehensive quality assessments of hardware, supported by Metasploit’s extensive library of exploits
  • Leverage Metasploit as a learning and teaching tool for automotive and exotic hardware-based network research
  • Write exploits that utilize hardware tools without having to worry about vendor specifics
  • Use Metasploit to make automotive diagnostic decisions, removing the burden of low-level packet handling.

Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.