Conference:  Defcon 31

Authors: Noam Moshe Vulnerability Researcher @ Claroty Team82, Sharon Brizinov Director of Security Research @ Claroty Team82

2023-08-01

Have you ever wondered how you can access your family pictures on your home network-attached storage (NAS) device remotely from your mobile? Do you know how this magic works? At Pwn2Own Toronto 2022, we chained multiple bugs to exploit both Synology and Western Digital NAS devices by abusing vulnerabilities in the device, cloud and the mutual trust between them. In our research, we reviewed the pairing mechanism of NAS devices with the WD and Synology cloud platforms. To our surprise we discovered that devices authenticate to the cloud using a hardware identifier which is later used by users to remotely access their devices. Using this, we were able to impersonate any given NAS device and perform phishing attacks that yielded us admin rights on any targeted WD or Synology device. In this talk, we will explain the pairing process of WD and Synology NAS. We will elaborate on the overall architecture of their cloud offering and focus on the vulnerabilities we found including ways to enumerate and impersonate all edge devices using certificate transparency log (CTL), and steal cloud proxy auth tokens. This enabled us to download every file saved on the NAS devices, alter or encrypt them, and bypass NAT/Firewall protection to achieve full remote code execution on all cloud-connected NAS (and to gain $$$ from Pwn2Own).

Conference:  KubeCon + CloudNativeCon North America 2021

Authors: Rohan Gupta, Sebastien Han

2021-10-13

The presentation discusses the use of Multus in Rook-Ceph to better utilize host network interfaces for Ceph Public and Cluster Networks, and the benefits of having dedicated networks for storage.

• Kubernetes presents challenges for storage due to reliance on external storage and lack of portability
• Rook-Ceph is an open source storage operator for Kubernetes that provides persistent storage from within the cluster
• Ceph is a distributed storage software solution that is scalable and provides multiple storage interfaces
• Multus allows for the use of multiple network interfaces on pods, and IP address management for a smoother deployment experience
• Dedicated networks for storage boost performance
• The presentation includes a demo of a running cluster utilizing Multus networks and a comparison of performance with and without Multus