Terminal Vertex – Attacking Network Monitoring

Eldar Marcussen

While auditing a system administration tool, I spotted what appeared to be a clear vulnerability when
skimming some code. What I believed was a command injection flaw failed to execute when tested against
a lab system, but it did exhibit behaviour that was somewhat consistent with injection flaws.

This talk describes the pursuit of this bug, from initial discovery, incorrect analysis and how chasing this
deeper lead to a number of generic attacks against the common graphing tool (RRDTool), which is in wide use.

I then used these attacks to achieve remote code execution where the command injection had failed. The next step was naturally to leverage these attacks against other solutions and collect a number of CVEs.