+ Responder Tema
Resultados 1 al 5 de 5
  1. #1
    Usuario Foroaviones
    22 may, 11

    Hackeando aviones comerciales con Android

    Hackeando aviones comerciales con Android

    Un experto en seguridad llamado Hugo Teso demostró en las conferencias Hack In The Box en Amsterdam cómo es posible intervenir los sistemas de navegación de los aviones comerciales con un terminal Android.
    Este consultor de seguridad explicó durante su conferencia lo inseguros que son los sistemas de comunicación y control de los aviones, y que teóricamente sería posible tomar el control completo de uno de estos aviones a través de un smartphone con Android.

    Teso lleva trabajando en tecnologías de la información durante 11 años, pero además también se ha formado como piloto comercial, y ha combinado ambos intereses para ilustrar claramente el lamentable estado de la seguridad de los sistemas computacionales en la aviación comercial.

    Teso realizó una demostración con un entorno virtual que emulaba los sistemas de comunicación del avión de forma precisa, y a partir de ahí creo un framework llamado SIMON para aprovechar las vulnerabilidades y una aplicación Android llamada PlaneSploit que envía mensajes que aprovechan las vulnerabilidades de los Sistemas de Gestión de Vuelo, demostrando que era posible tomar control completo de los “aviones virtuales” y hacer que “bailasen a su ritmo”.
    El entorno de pruebas SIMON está deliberadamente implementado para funcionar en entornos virtuales y no puede ser aprovechado en aeronaves comerciales reales, y aunque sus tests de laboratorios se basan en productos hardware y software que emulan todos los sistemas de un avión, los métodos de conexión y comunicación y las formas de explotar esos sistemas son idénticos a los que tendrían que utilizarse en un escenario real.
    Aqui la noticia original

    Hijacking airplanes with an Android phone

    Hijacking airplanes with an Android phone

    An extremely well attended talk by Hugo Teso, a security consultant at n.runs AG in Germany, about the completely realistic scenario of plane hijacking via a simple Android app has galvanized the crowd attending the Hack In The Box Conference in Amsterdam today.

    Teso, who has been working in IT for the last eleven years and has been a trained commercial pilot for a year longer than that, has combined his two interests in order to bring to light the sorry state of security of aviation computer systems and communication protocols.

    By taking advantage of two new technologies for the discovery, information gathering and exploitation phases of the attack, and by creating an exploit framework (SIMON) and an Android app (PlaneSploit) that delivers attack messages to the airplanes' Flight Management Systems (computer unit + control display unit), he demonstrated the terrifying ability to take complete control of aircrafts by making virtual planes "dance to his tune."

    One of the two technologies he abused is the Automatic Dependent Surveillance-Broadcast (ADS-B), which sends information about each aircraft (identification, current position, altitude, and so on) through an on-board transmitter to air traffic controllers, and allows aircrafts equipped with the technology to receive flight, traffic and weather information about other aircrafts currently in the air in their vicinity.

    The other one is the Aircraft Communications Addressing and Reporting System (ACARS), which is used to exchange messages between aircrafts and air traffic controllers via radio or satellite, as well as to automatically deliver information about each flight phase to the latter.

    Both of these technologies are massively insecure and are susceptible to a number of passive and active attacks. Teso misused the ADS-B to select targets, and the ACARS to gather information about the onboard computer as well as to exploit its vulnerabilities by delivering spoofed malicious messages that affect the "behavior" of the plane.

    Based on his own research, Teso developed the SIMON framework that is deliberately made only to work in a virtual environment and cannot be used on real-life aircrafts. His testing laboratory consists of a series of software and hardware products, but the connection and communication methods, as well as ways of exploitation, are absolutely the same as they would be in an actual real-world scenario.

    Since it's nearly impossible to detect the framework once deployed on the Flight Management System, there is no need to disguise it like a rootkit. By using SIMON, the attacker can upload a specific payload to the remote FSM, upload flight plans, detailed commands or even custom plugins that could be developed for the framework.

    To make things even more interesting - or easier - Teso showcased an Andorid application that uses SIMON's powers to remotely control airplanes on the move. The application, fittingly named PlaneSploit, sports a clean and simple interface, but is packed full with features. This is a remarkable example of technology evolution - ten years ago we barely had phones with a color screen, today we can use them to hack aircrafts.

    PlaneSploit uses the Flightradar24 live flight tracker and you can tap on any airplane found in range. When talking about the range, please keep in mind that we are talking about a proof-of-concept application used in a virtual environment. In real life, the range would be limited depending on the antennas used (if going directly for the plane), or global (if misusing one of the two big ACARS players such as SITA or ARINC).

    The user interface is divided by its main functions which are self-explanatory: discovery, information gathering, exploitation and post exploitation. The attacker can click on any active airplane and is receives its identification, current location and final destination. In case a nearby airplane system is exploitable (a number of vulnerability vectors mentioned, not much details provided), the application alerts the user via an in-application alert or a push message. The payload can be uploaded with a tap of a button and from that point on, the flight management system is remotely controlled by an attacker. There are a number of other systems connected to FMS, so further exploitation is possible.

    Here are some of the functions Teso showed to the HITBSecConf Amsterdam audience:
    Please go here: A way of interacting with the plane where the user can dynamically tap locations on the map and change the plane's course.
    Define area: Set detailed filters related to the airplane, for example activate something when a plane is in the area of X kilometers or when it starts flying on a predefined altitude.
    Visit ground: Crash the airplane.
    Kiss off: Remove itself from the system.
    Be punckish: A theatric way of alerting the pilots that something is seriously wrong - lights start flashing and alarms start buzzing.

    By showing a sample scenario of a drunk pilot flying over Berlin, Teso mentioned that the Android application also uses the benefits of the accelerometer and therefore a remote attacker can transform the motion of its smartphone into physical changes in the plane's movement.

    It's amazing to discover that aviation - an industry where safety is of vital importance and every physical element has one or even two fail-safe mechanisms - is failing to secure the onboard computer, the heart and brain of the plane.

    Teso has not shared too many details about the tools he used to effect the attack, as the vulnerabilities have yet to be fixed. He says that he was pleasantly surprised by the reaction of the industry to his research and discoveries, as the companies didn't try to deny the existence of the problems and have vowed to aid him in his research.

    He says that older, legacy systems harking back to the 1970s will be difficult, if not impossible, to fix, but that modern ones will easily be updated with patched and modified firmware and software.

    The vulnerabilities, of course, differ from system to system and from plane to plane, but it's easy to discover just which ones are present once the attacker identifies the type, model of the plane, and the airline for which it flies.

    There is a solution for pilots to regain the control of the plane and land it safely, he says. Attacks of this kind work only when the auto-pilot is on, so the trick is to switch it off, then fly the plane by using analog instruments.

    The bad news is that there aren't that many on modern planes, and that the pilots have to detect that the plane's computer is being hacked in order to effect these maneuvers, and that is no easy feat.

  2. #2
    23 may, 08

  3. #3
    Usuario Foroaviones
    22 may, 11
    Cita Iniciado por Mkvenner Ver Mensaje
    Vaya, pues entonces a borrarlo

    Enviado desde mi GT-N7000 usando Tapatalk 2

  4. #4
    Usuario Foroaviones
    30 may, 07
    Voy a flashear el 787 con una ROM que te cagas
    “If you think education is expensive, try ignorance”

  5. #5
    Usuario Foroaviones
    25 ago, 10
    !!Vaya!! el problema de las baterías del 787 era eso...el android!!! XDXDXDXD

    Ahora en serio, me imagino que eso en la practica no es que sea muy útil, las señales del internet móvil no llegan tan alto (creo), a menos que lo haga por wifi y el movil este dentro del avion todo el rato, y si es así...... vaya mierda de seguridad que implementan los aviones, cosa que no creo.




Temas Similares

  1. Maquetas de aviones comerciales.
    Por airliner en el foro Comercial / General
    Respuestas: 1
    Último Mensaje: 19/12/2012, 14:33
  2. Mis aviones comerciales RBA
    Por opg2008 en el foro Comercial / General
    Respuestas: 3
    Último Mensaje: 13/02/2011, 17:31
  3. Material de las llantas de los aviones comerciales.
    Por Merovingio en el foro Comercial / General
    Respuestas: 11
    Último Mensaje: 20/01/2011, 16:49
  4. China ya vende aviones comerciales
    Por ertiodelatiza en el foro Noticias
    Respuestas: 35
    Último Mensaje: 20/11/2010, 11:49
  5. Deriva de los Aviones COmerciales
    Por Juanfco en el foro Comercial / General
    Respuestas: 12
    Último Mensaje: 21/04/2009, 16:08

Permisos de Publicación

  • No puedes crear nuevos temas
  • No puedes responder temas
  • No puedes subir archivos adjuntos
  • No puedes editar tus mensajes