Remotely Exploitable Dead Frog with Embedded Web Server – The “Anatomy” of a Zero-Day Threat Surface
You think I make this stuff up, don’t you?
Listen, I’m a renaissance man and I look for analogs to the security space anywhere and everywhere I can find them.
I maintain that next to the iPhone, this is the biggest thing to hit the security world since David Maynor found Jesus (in a pool hall, no less.)
I believe InfoSec Sellout already has produced a zero-day for this using real worms. No Apple products were harmed during the production of this webserver, but I am sad to announce that there is no potential for adding your own apps to the KermitOS…an SDK is available, however.
The frog’s dead. Suspended in a liquid. In a Jar. Connected to the network via an Ethernet cable. You can connect to the embedded webserver wired into its body parts. When you do this, you control which one of its legs twitch. pwned!
You can find the pertinent information here.
A Snort signature will be available shortly.
/Hoff
(Image and text below thanks to Boing Boing)
The Experiments in Galvanism frog floats in mineral oil, a webserver
installed it its guts, with wires into its muscle groups. You can
access the frog over the network and send it galvanic signals that get
it to kick its limbs.
Experiments in Galvanism is the culmination of studio and gallery
experiments in which a miniature computer is implanted into the dead
body of a frog specimen. Akin to Damien Hirst’s bodies in formaldehyde,
the frog is suspended in clear liquid contained in a glass cube, with a
blue ethernet cable leading into its splayed abdomen. The computer
stores a website that enables users to trigger physical movement in the
corpse: the resulting movement can be seen in gallery, and through a
live streaming webcamera.
– Risa Horowitz
Garnet Hertz has implanted a miniature webserver in the body of a
frog specimen, which is suspended in a clear glass container of mineral
oil, an inert liquid that does not conduct electricity. The frog is
viewable on the Internet, and on the computer monitor across the room,
through a webcam placed on the wall of the gallery. Through an Ethernet
cable connected to the embedded webserver, remote viewers can trigger
movement in either the right or left leg of the frog, thereby updating
Luigi Galvani’s original 1786 experiment causing the legs of a dead
frog to twitch simply by touching muscles and nerves with metal.
Experiments in Galvanism is both a reference to the origins of
electricity, one of the earliest new media, and, through Galvani’s
discovery that bioelectric forces exist within living tissue, a nod to
what many theorists and practitioners consider to be the new new media:
bio(tech) art.
– Sarah Cook and Steve Dietz
Recent Comments