Ag3nt47 Security – iMessage encryption stumps US federal agents

A recent investigation conducted by US Drug Enforcement Administration agents has been temporarily derailed after they failed to decrypt messages the targets exchanged via Apple’s iMessage system.

According to an internal DEA note that was leaked to CNET, the encryption used for the messaging system makes it “impossible to intercept iMessages between two Apple devices,” regardless of the cell phone service providers.

Another problem for law enforcement is that these iMessages “are not captured by pen register, trap and trace devices, or Title III interceptions,” which could end up with investigators missing crucial exchanges.

iMessages between an Apple device and a non-Apple device are transmitted as SMS messages and can sometimes be intercepted, more easily so if the intercept is placed on the non-Apple device, the memo adds.

As Dallas De Atley, manager of the platform security team at Apple, shared last year at Black Hat, the iMessage encryption is based on unique identifiers embedded in the hardware, uses a hardware encryption engine, and supports full AES and SHA encryption.

Law enforcement isn’t exactly helpless in cases such as these, as they can get a court order and demand that Apple help them intercept and decrypt the messages.

Still, there is a big push by federal authorities to set legislation that will make all similar communications accessible to them when legally requested.

Ag3nt47 Security – Have Ida Run A Colorize Script On Startup

Description: In this video I show how to set things up so that you can load a binary in IDA Pro and have a script that colors calls and interesting operations run at startup. This will save you time if you are opening binaries in IDA a lot. It took me a while to find this feature and I hope that it helps. Also BTdubsteps… this video is not edited and I get a bit distracted a few times. So dealwithit.gif.

Link to my modified script mentioned in the video: http://pastebin.com/djTKtt8S

Ag3nt47 Security – Shmoocon 2013 – Identity Based Internet Protocol

Description: David Pisano
The Identity-Based Internet Protocol (IBIP) Network project is experimenting with a new enterprise-oriented network architecture using standard IPv6 to encode user and host identity (ID) information into the IP address. Our motivation is to increase our security posture by leveraging identity, reducing our threat exposure, enhancing situational understanding of our environment, and simplifying network operations. Our current implementation uses credentials from the Common Access Card (CAC) and from the computer’s Trusted Platform Module (TPM) to establish a host and user ID and IP address. A registration process (built on top of 802.1x) occurs between the host and a RADIUS server. After validating the credentials, the RADIUS server then automatically configures the edge router, fronting the host, with appropriate access privileges so that no IP address spoofing (or impersonation) is permitted. Hosts that are client machines do not have their IP addresses advertised, making them unreachable or hidden from reconnaissance initiated by other clients. Servers have their IP addresses advertised as usual. A unique IPv6 extension header was conceived to enable return traffic to hidden clients. Access controls are created and deployed from the RADIUS server without human intervention, enforcing established policies.

David earned a B.S. in Applied Networking and Systems Administration and an M.S. in Networking and Systems Administration from Rochester Institute of Technology. He is a contributor to The Honeynet Project. Professionally, David is active in research in the fields of network engineering and network security. His interests include data visualization and data correlation. David has coauthored multiple peer-reviewed papers in the fields of networking and cyber security.

Ag3nt47 Security – Shmoocon 2013 – Mainframed The Secrets Inside That Black Box

Description: Phil Young
The mainframe is not legacy, far from it. Not only is it not legacy, but the majority of Fortune 100 companies run a current and up-to-date mainframe OS. Airline, insurance, financial, power and oil industries, governments and three letter agencies, worldwide, run them, yet no one in the community knows how to properly tackle these ‘iron beasts’. Be it a lack of access by the security community or the false notion that mainframes are dead, there is a distinct gap between the IT security world and the mainframe world. This presentation aims to help close this gap by talking about common security pitfalls on the mainframe and how you can take advantage of, or secure against, them. After this talk you’ll be able to talk intelligently about mainframes, use SHODAN to find mainframes, enumerate and brute force users, crack the password database with John the Ripper and run netcat. Since mainframes are a big world, I will also show you how you can run your own mainframe at home on whatever old laptop you’ve got lying around using open source software so that you too can get your hands dirty!

Ever since he saw the movie TRON, Phil has been fascinated with computers, mainframes especially. Throughout his career he’s had the chance to review mainframe security at various large organizations. He has worked in IT security for 9 years but ever since he learned you could emulate your own mainframe he’s been knee deep in JCL, print queues and OMVS. Some people build toy trains, others model airplanes, but Phil’s hobby is mainframe security. He has given a talk about mainframe security at BSidesLV, has been interviewed for podcasts and maintains a blog about mainframe security research.

Ag3nt47 Security – Shmoocon 2013 – Ka-Ching – How To Make Real Money

Description: Margaret Russell
Emerging security technology – your technology – is overlooked, undersold, and underutilized partly because big customers often procure from big companies. Startup and young companies face stiff sales competition from established companies that have large marketing and sales organizations. This talk provides the secrets to winning competitive sales scenarios when the written response to an RFP is the key to being competitive.

Successful sales to businesses or governments usually rely on qualifying rounds of requests for information, proposals, quotes, and oftentimes demonstrations. For a startup or young company that concentrates on technology over marketing, this standard process can be exclusionary. Here’s how to manage a sales process that is dependent on response documents to win the business. And make money. Real Money.

Ms. Russell is a marketing professional with over 30 years’ experience in networking software, secure networks, and SaaS. She has written and managed hundreds of technical software and services proposals for very large, insanely large, and ginormous multi-national companies. She has run projects that have brought in billions of dollars to her corporate masters. It’s time for the little guys to know the secrets, too. She holds a BA from New York University and a Master’s from Cornell. This is her first ShmooCon talk.

Ag3nt47 Security – Carolinacon – 9 – 2013 – Iphone Data Reconnaissance Without Physical Access To The Device.

Description: Abstract:

I’ll explore methodologies for iOS data reconnaissance without physical access to the device. Using a non jailbroken iPhone, I’ll show how to use a local network to use common settings on devices to remotely backup the device to its paired instance of iTunes (assuming network or physical access to the computer), find the backup on disk, and extract things like the TXT/iMessage raw sqlite database to the recent calls list.
These tactics can be used to automate backups of your own device for safekeeping of data or for more nefarious things like recovering text message logs from a spouse’s phone to see what they’ve been up to behind your back. I’ll show example SQL queries to adjust date/timestamps and account for an Apple bug that made it into production with iMessage database records which will make it easier to work with the data. I’ll also show a simple way to protect against this sort of data reconnaissance by others.

Bio:

Jarrick is a software engineer by trade and manages the engineering department of a small custom web application development company. He also has a successful side business developing iOS apps for the masses. Jarrick is a member of the FALE Association of Locksport Enthusiasts.

Ag3nt47 Security – Carolinacon – 9 – 2013 – Search Engine Hacking: Finding Credit Cards, Social Security Numbers, And Frighteningly More

Description: Abstract:

Brief Topic Abstract: This presentation is for anyone interested in learning the true power of search. While the vast majority of people think of search engines as gateways to movie times, shopping deals, and a little fact-checking, the reality is that advanced search queries are being used via the most popular search engines every day to find unbelievable types of information. Search has proven time and again that even the most paranoid and cautious individuals can find themselves on the business end of identity theft, and they’d never know how it happened. If you don’t know how to use a search engine to find credit card scans, Social Security numbers, usernames and passwords, VPN credentials, back-up images, virtual machine installs, software licenses, confidential documents, private image/video dumps, or similarly fascinating/frightening data, then I’m offering you the chance to take the red pill and see just how deep the search engine rabbit hole really goes…

Bio:

Stephen is a freelance writer and investigative researcher who is head-over-heels in love with search. Whether it’s tirelessly refining advanced search queries, unearthing awesome niche search engines, Internet marketing (SEO, social media, etc.), or just about anything Web-related, Stephen is passionate about it. Such passion allows him to touch on various facets of competitive research, Web security, search-related “fun and profit,” and much more. Currently, Stephen writes for CBS Interactive / ZDNet on topics related to search, security, hardware, software, gaming, and other tech-related subjects. He speaks at conferences regarding search engine hacking and is also in the process of writing a book regarding advanced search querying with Google. Connect with Stephen via his Web site, LinkedIn, Twitter, or Facebook!