Opheria's MemeStream

 
Current Topic: Technology

Network World | Cisco nixes conference session on hacking IOS router code
Topic: Technology 2:47 am EDT, Jul 29, 2005

A presentation called “The Holy Grail: Cisco IOS Shellcode Remote Execution” was slated to run at the Black Hat conference in Las Vegas this week. But Internet Information Systems and Cisco, the companies presenting the segment, decided to pull the presentation after discussions between the two firms.

As noted in my previous meme, Lynn did wind up giving his talk, although he had to resign from ISS to do so.

According to Jeff Moss, CEO of the Black Hat Conference, Cisco on Monday said it would go to court for a restraining order to stop Black Hat from distributing materials on the IOS presentation already submitted by ISS and Cisco and published in the 1,000-page conference program. Moss said that Cisco supplied personnel, with razorblades in hand, to cut out 15 pages of material from 2,500 Black Hat conference show guides that detailed the company’s research.

No word if Cisco or ISS is going to attempt any legal action against Lynn.

According to a rumor circulating at the conference this week, the U.S. Department of Homeland Security was involved in asking Cisco and ISS to change its findings for security reasons. Cisco and ISS deny DHS involvement.

"Several agencies" have been in contact with Lynn regarding his research.



Abaddon Drops The Bomb on Cisco
Topic: Technology 2:47 am EDT, Jul 29, 2005

Security experts view Black Hat as the premier event to discuss and explore Internet vulnerabilities. At this year’s event, Michael Lynn, a member of ISS’ X-Force R&D team, gave a talk Wednesday on vulnerabilities in Cisco’s IOS, but he did so only after resigning from ISS, according to a company spokesperson.

Lynn is MemeStreams user abaddon.

Cisco’s statement added that Lynn’s presentation was not a disclosure of a new vulnerability or a flaw with Cisco IOS software, but an exploration of “ways to expand exploitations of existing security vulnerabilities impacting routers.”

Cisco PR is spinning at top speed right now. Lynn did in fact demonstrate the remote injection of shellcode to a Cisco router. Lynn is able to make a Cisco router connect back to his attack host with an enable shell. For those unfamiliar with Cisco routers, that basically means it's possible to hack the router and get full control of it. This is not a DoS attack. This is a full-on compromise.

This is basically the bug that could be used to take down the Internet. No bullshit.



Wired News: Cisco Security Hole a Whopper
Topic: Technology 2:47 am EDT, Jul 29, 2005

Wired just posted the best article so far. Here are some of the highlights:

Lynn likened IOS to Windows XP, for its ubiquity.

"But when there is a Windows XP bug, it's not really a big deal," Lynn said. "You can still ship (data through a network) because the routers will transmit (it). How do you ship (data) when the routers are dead?"

"Can anyone think why you would steal (the source code) if not to hack it?" Lynn asked the audience, noting that it took him six months to develop an attack to exploit the bug. "I'm probably about to be sued to oblivion. (But) the worst thing is to keep this stuff secret."

"There are people out there looking for it, there are people who have probably found it who could be using it against either national infrastructure or any enterprise," said Ali-Reza Anghaie, a senior security engineer with an aerospace firm, who was in the audience.

During his talk, Lynn demonstrated an attack in real time using his own router, but did not allow the audience to see the steps. The attack took less than a minute to execute.

"In large part I had to quit to give this presentation because ISS and Cisco would rather the world be at risk, I guess," Lynn said. "They had to do what's right for their shareholders; I understand that. But I figured I needed to do what's right for the country and for the national critical infrastructure."



This man deserves a patent with a large sack of money pinned to it.
Topic: Technology 2:54 am EDT, Jul 15, 2005

Now this is a truly new application of a keyboard, which I am sure will be rather hellishly expensive, but will probably not have any problem finding people to buy it judging from how much some fools are willing to pay for the reduced-size "Happy Hacker" keyboard--particularly since they willingly pay even more for the version where no one bothered to silkscreen labels onto the keys.

I give it a whole three months of this thing on the market before someone codes up a Drempels-style hack to make the keys change color and so on while the keyboard is being used. The possibilities are damn near endless.

Pimp.



 
 