|
|
Line 175: |
Line 175: |
| {| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |- | | {| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |- |
| | valign="top" style="border-right: 1px dotted gray;padding-right:25px;" | | | | valign="top" style="border-right: 1px dotted gray;padding-right:25px;" | |
− |
| |
− | == IoT Vulnerabilities Project ==
| |
| | | |
| {| border="1" class="wikitable" style="text-align: left" | | {| border="1" class="wikitable" style="text-align: left" |
− | ! Vulnerability
| |
| ! Attack Surface | | ! Attack Surface |
− | ! Summary | + | ! Description |
− | |- | + | |- |
− | | '''Username Enumeration''' | + | | '''Local Game Client''' |
| | | | | |
− | * Administrative Interface | + | * The locally running game client that is accessible to the gamer because it's running on his/her machine. |
− | * Device Web Interface
| + | |- |
− | * Cloud Interface
| + | | '''Game Network Traffic''' |
− | * Mobile Application
| |
| | | | | |
− | * Ability to collect a set of valid usernames by interacting with the authentication mechanism | + | * The network which game traffic traverses in order to reach the game's server or peers who are playing the game. |
− | |- | + | |- |
− | | '''Weak Passwords''' | + | | '''Game Server''' |
| | | | | |
− | * Administrative Interface | + | * The game server that is hosting the instance that gamers connect to in order to play the game. |
− | * Device Web Interface
| + | |- |
− | * Cloud Interface
| + | | '''Game Economy''' |
− | * Mobile Application
| |
| | | | | |
− | * Ability to set account passwords to '1234' or '123456' for example. | + | * The economic system that exists within the game. |
− | |-
| |
− | | '''Account Lockout'''
| |
− | |
| |
− | * Administrative Interface
| |
− | * Device Web Interface
| |
− | * Cloud Interface
| |
− | * Mobile Application
| |
− | |
| |
− | * Ability to continue sending authentication attempts after 3 - 5 failed login attempts
| |
− | |-
| |
− | | '''Unencrypted Services'''
| |
− | |
| |
− | * Device Network Services
| |
− | |
| |
− | * Network services are not properly encrypted to prevent eavesdropping by attackers
| |
− | |-
| |
− | | '''Two-factor Authentication'''
| |
− | |
| |
− | * Administrative Interface
| |
− | * Cloud Web Interface
| |
− | * Mobile Application
| |
− | |
| |
− | * Lack of two-factor authentication mechanisms such as a security token or fingerprint scanner
| |
− | |-
| |
− | | '''Poorly Implemented Encryption'''
| |
− | |
| |
− | * Device Network Services
| |
− | |
| |
− | * Encryption is implemented however it is improperly configured or is not being properly updated, e.g. using SSL v2
| |
− | |-
| |
− | | '''Update Sent Without Encryption'''
| |
− | |
| |
− | * Update Mechanism
| |
− | |
| |
− | * Updates are transmitted over the network without using TLS or encrypting the update file itself
| |
− | |-
| |
− | | '''Update Location Writable'''
| |
− | |
| |
− | * Update Mechanism
| |
− | |
| |
− | * Storage location for update files is world writable potentially allowing firmware to be modified and distributed to all users
| |
− | |-
| |
− | | '''Denial of Service'''
| |
− | |
| |
− | * Device Network Services
| |
− | |
| |
− | * Service can be attacked in a way that denies service to that service or the entire device
| |
− | |-
| |
− | | '''Removal of Storage Media'''
| |
− | |
| |
− | * Device Physical Interfaces
| |
− | |
| |
− | * Ability to physically remove the storage media from the device
| |
− | |-
| |
− | | '''No Manual Update Mechanism'''
| |
− | |
| |
− | * Update Mechanism
| |
− | |
| |
− | * No ability to manually force an update check for the device
| |
− | |-
| |
− | | '''Missing Update Mechanism'''
| |
− | |
| |
− | * Update Mechanism
| |
− | |
| |
− | * No ability to update device
| |
− | |-
| |
− | | '''Firmware Version Display and/or Last Update Date'''
| |
− | |
| |
− | * Device Firmware
| |
− | |
| |
− | * Current firmware version is not displayed and/or the last update date is not displayed
| |
| |- | | |- |
| |} | | |} |