Releases Free Test Tool Available to Public
Today SafeBreach Labs™ announced the discovery of a new vulnerability, exploit and exploit kit which delivers SYSTEM access to Windows IoT Core, the foundation for an estimated* 22.9% of IoT devices in development.
Although Microsoft officially intends this operating system for hobbyists and developers and suggests building a custom image for increased security, all other interfaces into the device are documented and password protected. In contrast, this undocumented method shows a new way to control the device with no authentication, and provides the simplest known way to run potentially malicious programs as SYSTEM on existing Windows IoT Core devices.
Developers should be aware of the exposure implications of this weakness and should take precautions to assure that it doesn’t reach a production deployment without mitigation. In this effort SafeBreach Labs both disclosed the vulnerability and the exploit itself (first presented on March 2nd, 2019). The detailed disclosure is available here .
SafeBreach has also published a simple python tool called SirepRAT which features an easy and intuitive user interface for sending commands to a Windows IoT Core device. It works on any cable-connected device running Windows IoT Core with an official Microsoft image. SirepRAT features full RAT capabilities without the need of writing a real RAT malware on target and can be found here.