Speaker



Tyron Kemp

security analyst, Orange Cyberdefense

Tyron Kemp started his career building insecure networks. For the past three years, his efforts have shifted towards breaking them. He also requires excessive amounts of coffee to perform appsec assessments.

Tyron Kemp will be speaking on the following topic:

15:50
Routopsy: Routing Protocol Vulnerability Analysis and Exploitation

In this demonstration, Tyron Kemp and Szymon Ziolkowski will be showcasing Routopsy, a new open source network attack toolkit that leverages a "virtual router" in a Docker container to scan for and attack various networking protocols and misconfigurations. Common vulnerabilities in these protocols include overly broad network statements within routing protocols, unauthenticated or plain-text authentication for protocols such as OSPF and HSRP, and the lack of passive interface usage within routing protocols. Routopsy was designed in a way that will allow users to trivially perform attacks without requiring extensive networking knowledge. Attacks include the injection of new routes, discovery of new networks and gateway takeover attacks which ultimately could lead to person-in-the-middle attacks. Additionally, a fully-fledged router interface is also available for more experienced users and for more advanced attacks. Internally, Routopsy leverages a "virtual router" which has been around for a number of years, is well maintained and supports a variety of protocols. Once the scan phase of Routopsy is complete, a simple configuration is loaded within the virtual router and used to attack the target protocol.


Event Sponsor

Diamond Sponsor

Platinum Sponsors

Gold Sponsors

Silver Sponsors

Bronze Sponsor

Display Sponsors

Endorsed by