Positive Hack Days V

P1040717
I recently attended the Positive Hack Days V forum which took place in Moscow over two days. Interesting and diverse presentations were given there together with some interesting contests.

The first contest started online one week before the forum itself. It was the Hash runner challenge which consisted of cracking password hashes. The algorithms to crack were NTLM, SHA-1, MD5, LM, SHA-256, and the Russian standard GOST R 34.11. The Hashcat team won this contest.

During the other contests, each team represented a group of hackers from the virtual state: the United States of Soviet Union. These groups were asked to compromise fictional companies such as a railway company (Choo Choo Pwn), or a mobile operator (MiTM Mobile). In addition, this year, an industrial system challenge was set up about a power plant (Digital Substation Takeover).P1040718 A PHD Stock Market was also implemented to allow teams to sell their exploits and gain more points or even to be compromised themselves. Videos reporting news of the challenge advances were projected during the forum. More Smoked Leet Chicken won the contest. Last but not least the (in)famous 2drink2hack contest. The goal was to hack a Web Application Firewall while drinking a shot of tequila at each stage of the contest!!

Meanwhile, very interesting talks were given in parallel. I first attended the fast track session where results about de-anonymizing Tor users were presented by a team from Kaspersky Lab. They gave the example of the creator of Silk Road who was arrested despite many of the details about the techniques used by the FBI on Tor remain unknown. They explained how to track users with fingerprinting in Tor with JavaScript and gave a proof of concept to illustrate their claims.

A second presentation of this track was given by the SCADAStrangeLove team on hacking 4G networks and devices. They presented SIM card attacks, remote phone cloning, traffic interception, changing passwords, and gaining access to internal networks. They also focused on some attacks against USB dongles.

Alexey Cherepanov presented john-devkit software to optimize hash algorithms in the famous John the ripper software. It takes an algorithm in Python as input and a set of optimizing rules and outputs a C implementation of the algorithm for use by for John the ripper.

Dmitry Kuznetsov from Positive Technologies explained the experience they had while certifying a Russian security product to the Common criteria scheme. He explained the difficulties they had and the differences between CC and the Russian certification process.

Next a live video conference with Whitfield Diffie (Yes the Diffie in Diffie-Hellman !!) was broadcast in all the conference rooms. He explained his opinion about the future of Information Security and Cryptography. He asked for more usability to allow a mass usage of Cryptography. He spoke about Quantum computing which, if implemented, should break the public key Cryptography we use every day. He also clarified that Quantum Cryptography and Quantum key distribution are also promising but are not really a new Cryptographic method rather a new channel of communication with interesting features. He also spoke about homomorphic encryption and its future.

I finished the first day with a presentation by Stanislav Smyshlyaev, Evgeny Alexeev and Sergey Agafin about Cryptography standards in Russia. They gave a comparison between Russian standards like the GOST block cipher and the hash function Stribog (GOST R 34.11-2012) to other standards. They also presented Courtois attacks and reminded us of their complexity. They also presented Russian standards based on ECDSA and gave implementation timing on different platforms. Finally some practical issues were presented such as the usage of tokens.

The second day started with a talk named “Why IT security is f***ed up”. Under this provocative name, Stefan Schumacher, from the Institute for Security Research, explained how Psychology, Sociology and Educational science could help security research. He thinks that the society lives now in a kind of Panopticon meaning that we can be monitored by our devices and our behavior changes when we are monitored. Post-Snowden security needs trust. We have to trust software and devices we use. Meaning that IT security should extend to a new scientific field called “Information Security” built based on Maths, Computer science, Philosophy, Psychology, Sociology and Jurisprudence.

NFCThen I followed one of the hands-labs called “RFID/NFC for the Masses” given by Nahuel Grisolía. This lab explored the possibilities offered by the ISO 14443 standard which is used for NFC. He used Type A and Type B cards, which both communicate at 13.56 MHz. Several commercial products like the Sony FeliCa, Mifare Classic and Mifare Plus were presented. We were shown how to identify them with readers such as the SCL3711 or ACR122U which are both available for a small cost. The open-source software libnfc helps for low level interaction and is compatible with type A and B cards. Then he presented Proxmark hardware and showed how we could clone a card to open doors using their access system. Existing attacks against Mifare classic 1k were presented in details as well as attacks for the iCLass Hidcard.

The next talk was given by Marina Krotofil from European Network for Cyber Security about hacking a chemical vinyl plant process control. The first step was network penetration. It appears that it was the easiest part. The hardest was understanding the process, clearing the intruder tracks and understanding chemical forensics. It provided interesting ideas on how to prolong the attackers access like attacking the plant during regular operator maintenance, hoping the first reaction will be to accuse the operator and not an external attacker.

The final talk I attended was a presentation by Alexander Sverdlov about Building a digital fortress. Traditional fortresses have a secure inside with perimeter security and were the previous paradigm for cyber fortresses. He proposed a new approach and gave some techniques to create a cyber fortress like browser hardening with secure deployment of the Chrome browser or using whitelists on web proxies. All the techniques proposed are in his book.

Other information on the conference content, including those sessions I did not have time to attend are available here and videos of the presentations can be seen here.

Creative Commons License

Lazy Crypto Reloaded

simplicity.jpg

After figuring out how to design secure ciphers, cryptographers tried to find how to make secure ciphers as simple as possible. Permutation-based cryptography is the latest trend in symmetric cryptography. For example, the SHA-3 winner Keccak is based on a simple construction that iterates XORs of message chunks with the internal state with permutations of the said state. The Keccak team extended this simplistic construction to other crypto functionalities such as pseudorandom generation and authenticated encryption. With permutation-based ciphers, you get rid of key schedules, for example. Overall, it’s less stuff to design, less stuff to code, to debug, and thus hopefully fewer design flaws and fewer bugs. This approach has been successful so far with Keccak, and in SipHash and NORX.

Continue reading

“Hacking a plane’s engine control through the entertainment system is as easy as hacking a car’s steering through the CD Player?” Better hope not!

A May 18th Washing Post article by about Chris Roberts, the security researcher questioned by the FBI about monkeying with planes’ avionics via the entertainment system, caught my attention.  Not because of the sensational headlines, but because of a sentence attributed to “other aviation and security experts.”

In an attempt to make it seem that it is very unlikely  to access the avionics from the entertainment system, the article states that “hacking a plane’s engine controls through its entertainment system, they argue, is a bit like controlling a car’s steering wheel through its CD player.”  Unfortunately, it is quite possible to control a car’s steering wheel through its CD player.  This is due to the electric power steering assistance used on most new cars, and the fact that the CD player and power steering are often both on the CAN bus.

The fact that the CD player in modern vehicles is both often on the CAN bus and hackable is widely known.  Noted security expert Bruce Schneier wrote about this topic in 2011.  And, of course, once you have access to the CAN bus, you can control other things connected to it such as the electric power steering assistance.

As an example, we can take the modern Ford Mustang.  From at least the 2012 model, the power steering has had 3 modes select-able via the instrument cluster screens which are driven by the CAN bus. (See “STEERING FEEL” on page 22 of the owner’s manual.) The CD player is also on the CAN bus, as that is where it gets the dimmer signal.  Thus, if you were to hack the CD player, you could then use the CAN bus to control the steering.

In conclusion, I certainly hope that controlling a plane’s avionics via the entertainment system is more difficult than controlling a car’s steering via the CD player.

Industrial Systems: ‘to patch or not to patch’

There are many peculiarities that must be taken into account when considering the safety of industrial systems and SCADA systems. One especially relevant is patching or updating the systems or software that they support. When through a security assessment of this type of system you get to the question: “how do you carry out maintenance of systems to patch known vulnerabilities?” We can find very different answers. Some examples:

Option 1: Poker face

We do not apply security patches. It is not necessary since our industrial network is completely isolated, we rely on the ‘air GAP’ to protect our systems and most vendors don’t publish security updates. On the other hand, sometimes the software upgrade also involves hardware changes, so budgetary constraints don’t permit such updates.

This answer or other similar ones are quite common. I do not think it is a crazy strategy to follow to not apply security patches when these conditions are met:

  1. A risk analysis was performed to clearly understand what the threats that may affect the non-patched systems and what impact such threats could have. Note that I do not mean to make a superficial risk analysis, but I mean analyzing risks in-depth. That is, know exactly what vulnerabilities are not patched up, how it could be exploited by an attacker and what compensatory measures are implemented to mitigate the risk of not patching it. When considering the threats one should pay particular attention to the perimeter of industrial systems, points of interaction with traditional networks and access points that are easily accessible by visitors or the general public.
  2. Once this risk analysis is done, if the problems, costs or difficulties that result from applying the patches are greater than the risk of non-patching, it make sense not to apply the patch.
  3. This decision should be carried out in an informed and conscious way by the risk owner.
  4. The risk level should be reviewed regularly.

On the other hand, it is clear that we must put pressure on vendors to implement vulnerability management processes for their products and this point should be a key criteria in the selection of these technologies. Continue reading

Was the LizardStresser stressful?

After taking down the Xbox Live and the Playstation Network gaming services, the Lizard Squad group came again in the spotlight after the leak of a database of their LizardStresser not-so-new booter (a service providing Distributed Denial of Service or DDoS against payment). The breach occurred mid-January and resulted in the release of a 19 MB sql file containing the database content, consisting of about 150000 lines. We analyzed the data, focusing on targets and on attacks. After a bit of scripting, behold!

First, here’s a summary of the quantities of attacks and of attackers, showing that only 1.95% of the registered users actually used the service and launched at least one attack:

loggedattack_type

Continue reading

Volatility plugin for Dyre

Dyre is a banking malware discovered in middle of 2014. It can intercept HTTPS traffic, using techniques documented in this Introduction to Dyreza.

In the context of our review of malware faced by customers, we need to rapidly respond and assess the risk. Dyre is malware found in such context, and we are releasing a Volatility plugin that we are using internally to dump configuration in memory for Dyre (Dyreza) samples.

dyrescan

Continue reading

Auditing the security of a linux system

The purpose of this post is to detail what type reviews will be performed on a linux computer to determine if it meets the security requirements of the PCI DSS standard. To do this, whenever possible, I will detail the commands to use in each case.

ubuntu

However, although the main purpose is to audit compliance with PCI DSS, the proposed revisions can be used as a starting point for any security audit of a linux computer you want to perform.

All the commands in this post have been tested on Ubuntu 12.04 computer, so it is possible that some of them need to be modified to work properly on other Linux distributions. We can use the lsb_release-a command for the exact version of the system we are reviewing, or obtain it from the /etc/os-release. Continue reading