It’s already day three, and it’s hard to think that tomorrow is the last day. If you’re around at the conference, and see a man with red hair (lots of them) and a laptop covered in OpenBSD fish, then come over and say hi. I don’t bite… well not on the first date anyway.
Running Your own GSM Network
Usual disclaimers… don’t try this at home. Something about it being illegal 😉 GSM documentation is all available online (except the encryption details). Lots and lots of documents (1,108 PDF’s). Parallels are drawn between the GSM and ISDN protocols. I never knew that GSM was based on original ISDN protocols. Some very good information here on how the protocols fit together. If you’re into GSM then this is information you will definitely want to see. Lots of hardware information on the Siemens BS-11, but interesting for anybody into mobile networks. Some testing at 25C3 shows it’s possible to skim peoples IMEI numbers, as well as checking which country people originate from. Not sure if this is based on the SIM country, or the phone country. Interesting attack vectors though. The demo was fun, too many people in the audience attaching to the network made things a little tricky. This work doesn’t yet allow true MitM attacks, but a MitM style attack could be done on a user in range of the Fake network and then routing it across an ISDN line to the original destination.
Source code for the GSM full-rate codec is online at http://kbs.cs.tu-berlin.de/~jutta/toast.html
An Introduction to new Stream Cipher Designs
This talk covered new algorithms for fast data encryption, in particular stream ciphers. The talk is based on information from the eStream project (part of the ECRYPT project). Although there was no groundbreaking stuff here, it was interesting to see the pro’s and con’s of what is currently in use (sich as RC4, AES-CTR, etc..) Some indepth overviews of the ciphers entered into the ECRYPT project was given. Mention of the new Cube Attacks released by Dinur and Shamir at this years CRYPTO 2008 conference. Is this attack method usable on existing hardware ciphers ? Finishing off discussion on the NIST Hash Function Competition was made. Currently 17 of the 64 proposal ciphers have been broken. Final decision is expected in Q2 2012. So nothing to be looking forward to for next year 😉 if in doubt, stick with AES(-CTR).
Checkout the eStream project at http://ecrypt.eu.org/stream/
Hacking Botnets/Squeezing Attack Traces
Unfortunately, due to a serious case of the FAIL, my notes for this and all subsequent talks was lost. This just goes to show that I really need to get a decent netbook and never use my blackberry ever again
So, from memory. The analysis of the Storm worm was until now based purely on running in a virtual environment and tracking the traffic to see what occurs. However the team presenting have taken this a step further and reversed the code used to examine how the underlying bot works. The Storm bot is based on DHT traffic as used by eDonkey and other peer 2 peer sharing programs. By changing the traffic slightly, it was possible to use the same communications but avoid being intercepted by other eDonkey users using DHT. By reversing the code it was possible to find the hash codes used in the DHT communication and effectivly hijack the Storm botnet. A demo was given based on this attack method, showing that you can fool an infected Storm zombie into running code from a fake C&C. Although at the height of it’s rampage the Storm bot had over 1 million zombies, the number is thought to be around 100,000 at present. With this research it may be possible to take over the whole botnet and force the infected machines to run disinfection code. However the researchers are naturally not allowed legally to do this. Some of the code developed will be released in the coming weeks, but not all of it due to Germany’s 202C anti-hacking laws
SWF and the Malware Tragedy
Where to start. I think the best reaction I had to this was that it was interesting research, but nady presented. Using statistical analysis it was possible to diagram similarities in malicious SWF files. However personally I’d like to have seen charting of both malicious and non-malicious SWF’s to see if this method could be used in IDS/IPS typ protections. Other than that, the talk wasn’t anything to call home about
Methods for understanding targeted attacks with Office Documents
It was good to see a Microsoft employee talking at this kind of conference. He gave props to the OpenOffice team for a variety of things, and it made for a fun presentation. Any presenter that can describe things with “bla bla bla” is a winner in my book. Plus the parting words of “I’ve never seen so man mac users in one place before” just made my day. I should have asked him to say “I’m a pc” just once for the camera. That aside, content of the presentation was good. Overview of the new Office 2007 XML based files was very interesting. Especially as I’ve just seen Larry’s Pauldotcom video on Office 2007 Metadata. The file is a filesystem in a file, allowing for more than just a single piece of data. A majority of attacks are now also resulting in a valid document being loaded instead of a typical crash in office that we were seeing some years back. This leaves very little evidence that you’ve been exploited at all. Demo on exploitation was good, but I’d love to have seen some more code.
Cisco IOS attack and defense
Packed out presentation, and who can blame the people. Lots of good information here. Mostly concentrated in Cisco as they hold 92% of the router market, and Juniper (second in line) is just FreeBSD under the hood. All processes share the same HEAP in IOS, making it easy to overwrite other processes memory. There are over 100,000 different IOS images (15,000 supported by Cisco) making reliable exploitation hard to achieve. This variation in IOS gives a poor mans ASLR (Address Space Layout Randomisation) so makes things hard. However as with ASLR, return to libC style attacks still do the trick. However in IOS this means writing code to the now unused ROMMON location and going from there. Some information was given on IOS forensics and memory dumps. Hard to get working, but once it is, you can get lots of information. As different memory locations are used for small, medium, large packets, older packets can still be found in memory and are not overwritten in a reliable way. This leads to good forensic ability, as you can read the packets straight from a RAM dump and output them into a PCAP format. A simple demo was performed using a malformed ping packet to display text in the router screen. However this was enough to prove the attack vector.
Tonight is the bloggers/security-twits meetup outside the BCC (by the rocket) at 24:00. I’ll be there, hope to see you there too 😉