When The Lights Go Out: Hacking Cisco EnergyWise

by Matthias Luft, Ayhan Soner Koca Sept. 23, 2017 via Black Hat submitted by belen_caty

Cisco EnergyWise is a proprietary, closed-source protocol that brings EMPs to mainstream IP networks (e.g. by including EnergyWise clients in widely used notebooks and phones). The resulting broad deployment in a large number of environments, such as office networks (for example, ThinkPad notebooks include an EnergyWise client in the default configuration) or even data centers (as power consumption is always a huge issue), creates the potential for huge blackouts if EnergyWise is misconfigured or contains vulnerabilities that can be abused. In this talk, we will describe our results on the EnergyWise architecture and protocol specification, present the reverse-engineered proprietary protocol, and show how you can hijack EnergyWise domains in order to perform DoS attacks. In addition, we will release our toolkit that implements all of the presented attacks.