RIPE what they sow

tl;dr looking for internet resources information ? Go for RIPEStat, an interface to RIS (Routing Information Service), which allows you to retrieve very interesting and accurate information regarding BGP/AS/Routing/prefixes/… – it all happens here.

Ever wanted to know the evolution of internet routing paths, or maybe a country’s internet resources, or even the different paths leading to your IP address ?

Well, RIPE is collecting a ton of information through their RIS (Routing Information Service). In short, they have probes spread all around the world that retrieve information regarding internet resources (routing, BGP, geolocation, …). It is possible to query those probes (and the resulting data) through the RIPEStat interface. A service providing raw json query (through HTTPS GET query) is available but also some nice widgets to get the information you’re looking for.

I won’t go into details for all available resources, as they are well documented on RIPE’s API page, but note that some of them could be interesting for someone looking for specific data/answers on the current (or past) situation of some specific internet resources.

The basic available resources that might be quite useful for an everyday network professional include:

  • Abuse Contact Finder – allows you to query whois entry for abuse contact by providing either a prefix, a single IP address or an ASN
  • Blacklist – allows you to know if a specific prefix or IP range is UCEPROTECT-blacklisted (I wouldn’t rely on them too much though ;-))
  • Geolocation – if you want geo coordinates of a prefix, IP range, ASN or even hostname
  • Network Info – provides you the prefix and the ASN to which the queried IP belongs to
  • Reverse DNS IP – simple reverse DNS lookup of an IP address
  • Whats My Ip – the usual what-is-my-ip query
  • Whois – a whois lookup on a specific resource (IPv4, IPv6 or ASN)

Continue reading

SHA-1 backdooring and exploitation

This content was originally published on the website of the Malicious SHA-1 project.

Summary

This is about the Malicious SHA-1 project, a research project that demonstrates how the security of the SHA-1 hashing standard can be fully compromised if one slightly tweaks some of the predefined constants in the SHA-1 algorithm. That is, we show that systems using “custom” versions of SHA-1 may include backdoors exploitable by the designers. Such custom versions of cryptographic standards are typically found in proprietary systems as a way to personalize the cryptography for a given customer, while retaining the security guarantees of the original algorithm.

The colliding messages constructed can be valid archives files (RAR or 7zip) such that the content of the two archives can be fully controlled. We also build colliding JPEG files, which can be any two images, as in the example below (images were chosen at random):


Continue reading

Power analysis basics

 0. PREFACE

Recently I gave a two-hour workshop about power attacks at PHDays conference. After the workshop, I understood that two hours are not enough to present and explain power attacks to people who never worked with Side Channel Analysis before. Luckily, I was invited to give a 4-hour workshop at ZeroNights, so I would like to make a series of posts to explain power analysis attacks in a better way and then use these posts (and, hopefully, comments) to improve my workshop at the forthcoming conference. I will try to make high-level yet detailed enough explanations, otherwise the workshop may require more time.

1. INTRODUCTION

Power attacks is a group of Side Channel Attacks that analyze devices’ power consumption to:

  • extract binary data; for example, secret keys of cryptographic algorithms;
  • understand timing of a particular operation;
  • dump the opcode values (Side Channel Based Reverse Engineering.

This looks unrealistic but statistical methods applied in Side Channels can distinguish a bit switch 1 to 0 from a bit switch 0 to 1. Since these operations can be distinguished, an attacker can extract processed binary data and get confidential information.

This post explains the very basics of power attacks, namely, when digital circuit consumes power, how power consumption can be modeled and thus used to reveal algorithms’ data. At the end of the post I will explain how power traces measured during DES execution can be analyzed to get the correct 6 bits of a DES round key. Some of the Side Channel Attack properties were discussed in the previous post ‘Timing attacks – Part 1′, so I encourage you to read that post first. Continue reading

PHDays @ Moscow

In May I attended Positive Hack Days, a.k.a. PHDays, in Moscow. This is one of the three largest security events taking place in Russia. PHDays included a conference, Capture the Flag competition, workshops, hands-on activities, roundtables, investment proposal presentations, etc. Attendees from different countries and various security domains presented their results and shared their knowledge with approximately 2,000 visitors (the event was taking place during two days). In this post I would like to highlight several observations and insights that could be of interest to you.

phd_logo_black

The video of all the talks can be found here and presentations here.

The talks were given in parallel at four different halls, so I could not attend all of them. From the talks I saw I would like to select the following presentations for a mention in this post:

- Smart TV Insecurity by Donato Ferrante and Luigi Auiremma. The presentation showed that an attacker can have root access or dump the entire application code of modern TVs.
My Journey Into 0-Day Binary Vulnerability Discovery in 2014 by Alice Schevchenko. I was pleasantly surprised. Twice. Firstly, I was surprised to discover Alice’s business acumen and her personality, since I have not met many women in the reverse engineering and fuzzing software field who are founders of their own companies. Secondly, I was surprised by the fact that there are plenty of 0-day vulnerabilities in binaries even in the latest software from the biggest companies.

Continue reading

JTAG debugging with Bus pirate and OpenOCD

Bus Pirate v3

The Bus Pirate is an open source electronic circuit developed by Dangerous Prototypes. They also sell it at minimal cost. The Bus Pirate allows the communication between a PC with a USB connection and any chips through serial protocols like I²C and SPI. Recently I discovered that the Bus Pirate is JTAG capable.

A large community is using this device for diverse things like repairing devices, and recently it was used during a challenge at Insomni’hack CTF to communicate to a MSP430 microcontroller and exploit a software buffer overflow on this architecture. I explain below how to communicate with, and upgrade the Bus Pirate and how to use it with OpenOCD software to debug chips. Continue reading

Heartbleed: Let’s patch the Internet!

Co-authored by meatwad and @bl4ckt0ts

In the context of the OpenSSL Heartbleed vulnerability we started to scan the whole IPv4 Internet. The goal was to understand how many machines were impacted but also to measure the rate at which vulnerable systems are patched.

The OpenSSL library is broadly used to provide SSL and TLS support. For example, mod_ssl is an interface to OpenSSL for Apache HTTP Server to serve web pages over HTTPS. Another example is courier-IMAP, which is also able to rely on OpenSSL to deliver IMAP over SSL services.

For that exercise we focus on looking for HTTPS servers vulnerable to Heartbleeed. We thus scanned four days in a row the whole routable IPv4 Internet on port 443. Every time the port was open, we initiated an HTTPS handshake. Upon success, we checked the service for the Heartbleed vulnerability by sending a heartbeat packet with a crafted size. That allowed us to spot vulnerable systems.

What we found is that there are around 30 million machines answering to HTTPS requests on port 443. Of these 30 million, about 1.5 million are vulnerable to Heartbleed.

2014-04-10 2014-04-11 2014-04-12 2014-04-13
Successful HTTPS 29’577’960 29’340’845 28’985’946 29’030’377
Vuln to Heartbleed 1’762’470 1’598’619 1’501’848 1’465’879

The good news is that sys admins were patching, even over the weekend :)

The bad news is that if the patching rate does not increase, we’ll never have a Heartbleed-free Internet. Let see how it’s going to evolve over the next few days.

Edit: The graph scale was changed to go down to zero.

Heartbleed in a Nutshell

heartbleed vulnerabilitySince Monday, April 7, the Internet is being rocked by the news about Heartbleed (CVE_2014- 0160), a serious vulnerability in the popular OpenSSL crypto library.

Our friends from Kudelski Security’s advanced threat intelligence unit provided a quick and easy “Heartbleed in a Nutshell” infosheet (summarizing findings on the topic from open sources) on what this bug’s discovery means for the users of HTTPS servers, and recommendations on what should be the very first steps for risk mitigation. The file is available for download from the link below:

Heartbleed_in_a_Nutshell_KS

Heartbleed_in_a_Nutshell_KS