Hacking Cisco NAC - NACATTACK

Tags:: Blackhat Cisco Exploit Hacking Nac Vulnerability

Edit Video Details

Affiliate Submitter:
helpnetsecu...

International
Comments: 0
Views: 397
Added: 10-Apr-07

At Black Hat Europe 2007 Dror-John Roecher and Michael Thumann showed how they were able to hack the Cisco NAC solution by exploiting a fundamental design flaw. In this video they illustrate how they worked towards this discovery and give us some exploit details. It is not their intention to simply release a tool, they want the audience to understand how Cisco NAC works and why it is not as secure as Cisco wants us to believe.

For more security-related material visit http://www.net-security.org

Categories: How To

Comments on

Hacking Cisco NAC - NACATTACK

10 Comments | Add Comment

Cisco support has ...
Cisco support has gone down the tubes. I remember calling sales and getting someone who actually could help. Now They are refusing to support Vista with my Pix firewall VPN, I need remote logon for my domain. (SBL) They did everything (including blaming Micrsoft) not to fix my problem. I would expect more out of Cisco then to make a client that only Half works for vista. No plans to make it right, very lame....
By phillyfunnyguy [Affiliate User] 1199339853 Reply Spam [+0] Moderate Up Moderate Down Remove ~~9042351~~
- 0
Cisco mainly ...
Cisco mainly positions its NAC appliance solution which is widely deployed and is a very reliable solution and not the NAC framework mentioned. If the hacking was truly done, how come they did not demo it? and how come they did not talk about other vendors?
Seeing is believing: anybody can talk and claim that they hacked any system and if there is no concrete proof and clear explanation of how testing was done and proper analysis and explanation of results, this information is simply worthless
By clotfy [Affiliate User] 1196219603 Reply Spam [+0] Moderate Up Moderate Down Remove ~~9042351~~
- 0
Thanks for posting ...
Thanks for posting this video. I got to meet these guys at BH America and I have to say their work is amazing. The research and reverse engineering work alone seemed overwhelming and the hack was brilliant. Thanks for the vid.
By tsudohn1mh [Affiliate User] 1187530773 Reply Spam [+0] Moderate Up Moderate Down Remove ~~9042351~~
- 0
An in all honesty, ...
An in all honesty, most (if not all) NAC technologies out there suffer from a similar type of flaw. As rightly said at the begining, you are asking an end-device for posture information, which quite frankly can be spoofed - in some cases easily, in other cases not so easily.
By splintcer [Affiliate User] 1182994944 Reply Spam [+0] Moderate Up Moderate Down Remove ~~9042351~~
- 0
if this would be ...
if this would be the only flaw on the cisco devices I would be the gladest man in the world.
By Madowstone [Affiliate User] 1181640292 Reply Spam [+0] Moderate Up Moderate Down Remove ~~9042351~~
- 0
Yer solid effort ...
Yer solid effort indeed. Smartasses :)
By masterdanoz [Affiliate User] 1180560230 Reply Spam [+0] Moderate Up Moderate Down Remove ~~9042351~~
- 0
Great video guys!
Great video guys!
By Webmast84 [Affiliate User] 1179914642 Reply Spam [+0] Moderate Up Moderate Down Remove ~~9042351~~
- 0
I never saw ...
I never saw anything but two guys talk, demo anyone?
By eneasquintero [Affiliate User] 1179734640 Reply Spam [+0] Moderate Up Moderate Down Remove ~~9042351~~
- 0
Very intresting, I ...
Very intresting, I do a little bit of reverse engineering myself and it is a lenghty process.

So grats to these guys.
By Dooobs [Affiliate User] 1178967616 Reply Spam [+0] Moderate Up Moderate Down Remove ~~9042351~~
- 0
DUDE you rock.... i ...
DUDE you rock....
i need your help :)
By ha5h [Affiliate User] 1176628325 Reply Spam [+0] Moderate Up Moderate Down Remove ~~9042351~~
- 0