Category Archives: Uncategorized

Scammers or Terrible Social Engineers?

Scammers are on the rise these days, from email scams to phone scams, and even in the mail. Let’s start with email/internet scams. My goal is to use up as much of the scammers time as I can an I use a few ways to verify the scammers location. Usually you will get an email from some prince or someone who is in the hospital wanting to give you their life funds because they don’t trust their family. Don’t respond or give them any information. They all use the same terminology when speaking to you as well. “Can you KINDLY respond back to me”. “Kindly” is one of their favorite words. Another red flag is the payment method, they will ask for a money graham or western union transfer to a name you have not heard of. Most scammers I have dealt with have been very bad at answering questions because that is a waste of their time. Their goal is to make you feel like you are dealing with a very smart individual who will send you what you have ordered or what you are talking about in the discussion. Check the email address they send it from and use reverse email website to see if you can find out more on who you are talking about.

Such site includes:

Pipl.com

Thatsthem.com

Truepeoplesearch.com

 

These sites are free and easy to user when it comes to reverse email look-ups. They won’t give you a real name so it’s not worth trying to locate.

Another thing to try to get the scammers to do is click a link that has been tagged by an IP logger. What is an IP logger you might say. It is a link that has been modified or changed so that the person clicking on it will give out their location. Scammers work on a network of different locations. Most of the time the location of where they want the money sent isn’t where they are. They have a pickup person in one place who sends the funds to someone in another location. This makes the whole operation harder to locate and most of the time the funds to leave the united states or the country the scam is located in. If you can split your operation you are harder to find. The Two main IP loggers I use are:

https://ip-logger.gear.host/

https://iplogger.org/

They are very accurate and do well.

Example, A website I am currently investigating is http://www.cheappurebredpuppies.com/ they have pulled information off other dog breeders websites and pulled them to their own using older pictures as well. I have used two different Email addresses to contact them, both times I have gotten a different name to send a money graham too. That is what they use for their operation as well, harder to track and non-refundable. The thing is if they don’t get what they want from you they will either threaten you or move on to the next person they are scamming. This is one of the examples when you trying to purchase an item from them. On the contrary when they are buying something from you they use similar tactics and usually want to send you more money than the item is worth. The reason for this is so you can cash it and they have your bank realize its fraud while you send the money back to them. In one case I have had them send an expedited check to me at my job to test out them sending the document to me.

 

Second is Tech support scammers. They are getting craftier, I have A set of videos on this. Microsoft will never call you if your computer has a virus. This section will be a little shorter and I’ll link my YouTube page to it. Their goal is to craft webpages that look like Microsoft errors and be very identical the actual Microsoft website if you have not paid attention to how it looks. Pay attention to the web address line and make sure it is a Microsoft website. Scammers do not affiliate themselves with the actual company. They state that they are techs to fix your computer approved my Microsoft. They have many techniques to make you think you have virus’s. Please visit my YouTube page for more on how they work. https://www.youtube.com/channel/UCsPThvyPrIr7otuVgnFVzTg

 

In conclusion, Scammers, or social engineers are out there daily trying to steal your money from you, they come in many forms. IRS calls to door to door salesman. Be careful who you talk to and who you share your information with or who you allow to use your computer.

 

Signing off!

 

Top Places for Malware to hide 2017

With most of the commercial anti-virus software vendors using signature based malware classification methods this becomes a bit of a game of creating code that is obfuscated just enough to change the signature to be undetected.  (Shijo & Salim, 2015, p. xx) say, “In static analysis features are extracted from the binary code of programs and are used to create models describing them.”  This is the most commonly used method of detection and obfuscation is the simple work around. Signatures need to be frequently updated to catch the common malware, while malware makers can simply change the obfuscation of the code.  One never catches up with the other. (Shijo & Salim, 2015, p. xx) continues by saying, “The static analysis fails at different code obfuscation techniques used by the virus coders and also at polymorphic and metamorphic malware’s.”  What also fails is the dynamic analysis due to the behavior of a program that is monitored while in execution.  The problem is malware has to be done in a secure environment for a specific amount of time this is a limitation due to the amount of time that it takes to create this maleware.

The first way that malware tries to hide itself is in the windows registry.(AlienVault, 2016) says, “the Windows registry is quite large and complex, which means there many places where malware can insert itself to achieve persistence.” An simple example is the Poweliks sets a null entry utilizing one of the built-in Windows APIs, ZwSetValueKey, which allows it to create a registry key with an encoded data blob, (AlienVault, 2016).  From this point it can hide out and autostart and maintain persistence of many systems.

The second way malware will hide itself is process injection.  This is where the malware hijacks a running process and puts bits of code into it.  (AlienVault, 2016) says, “Malware leverages process injection techniques to hide code execution and avoid detection by utilizing known “good” processes such as svchost.exe or explorer.exe.”

A third example would be physical.  This is where the malware could possibly be stored on the slack partition of the drive.  (Berghel, 2007, p. xx)  says, ” At the sector level, any unused part of a partially filled sector is padded with either data from memory (RAM slack) or null characters (sector slack).”  The location is ideal because the Operating System doesn’t have access to this portion of the data normally.  This can lay dormant and resurface based off of specific commands.

References

AlienVault. (2016, October 3). Malware hiding techniques to watch for: alienvault labs. Retrieved from https://www.alienvault.com/blogs/labs-research/malware-hiding-techniques-to-watch-for-alienvault-labs

Shijo, P., & Salim, A. (2015). Integrated static and dynamic analysis for malware detection. Procedia Computer Science46, 804-811. doi:10.1016/j.procs.2015.02.149

Berghel, H. (2007). Hiding Data, Forensics, and Anti-Forensics. Communications Of The ACM50(4), 15-20. doi:10.1145/1232743.1232761

Browser Attacks and Network Intrusion

Research Synthesis and Analysis of Browser Attacks and Network Intrusion

Browser attacks and network intrusion are drawbacks users face every day for being connected to the internet in one way or another.  One has to access a browser to be served content on the web and one has to be connected to a network to view the web.  We will take a closer look at both in this paper.

Browser Attacks

Browser attacks come in many different forms, making them very difficult to defend against. OWASP, which stands for open web application security project is a nonprofit organization which has made an effort to identify the many types of browser based attacks in the wild.  OWASP is more well-known for its project called OWASP top ten project.  The top ten biggest browser based attacks are as follows:

  1. Injection
  2. Broken Authentication & Session Management
  3. XSS or Cross Site Scripting
  4. Insecure Direct Object Reference
  5. Security Misconfiguration
  6. Sensitive Data Exposure
  7. Missing Function Level Access Control
  8. Cross Site Request Forgery
  9. Using Components with knows vulnerabilities
  10. Invalidated Redirect & Forwards

These are the ten main categories that browser attacks fall into.  An even more daunting task is that even though the list may have been created in 2013, most of these categories are still visible on the internet and can be used in today’s internet landscape.

Major Issues, Problems

The problems with browser attacks are largely due to the overwhelming number of browsers that are available to users.  Not all browsers handle content the same way and not all browsers protect against vulnerabilities in the OWASP top ten in the same manner.  With the five biggest browsers being Chrome, IE, Firefox, Safari, and Opera there are also the problem of versions of these top five.  This enables a vulnerability to remain in the opened to be used to attack until a user gets around to updating their browser.  An even greater issue is that a web application could exist and is made in 2013 and heavily used by a company.  A company may not be able to upgrade the web application because of resources.  However, this ultimately doesn’t work in modern browsers leaving potentially 1000 of computers susceptible to all vulnerabilities since 2013 in this web browser.

If this wasn’t alarming enough users have created frameworks that allow security researchers and engineers to test these web applications in their companies.  One penetration testing framework is the BEEF framework.  This framework has compiled many of the vulnerabilities in the OWASP top ten into a single interface which is used to exploit browsers which they call “hooking”.  Beef was built by a group of developers to explore the vulnerabilities in browsers and test them specifically Beef is an excellent platform for testing a browser’s vulnerability to XSS and other injection attacks, (Null Byte, 2015).

New malware is being developed in the wild which is taking advantage of these browser vulnerabilities and exploiting them for man in the middle browser attacks.  (Khandelwal, 2016) says, “Besides process level restrictions bypass, the AtomBombing code injection technique also allows attackers to perform man-in-the-middle (MITM) browser attacks, remotely take screenshots of targeted user desktops, and access encrypted passwords stored on a browser.”  In a recent article the AtomBombing malware was dubbed to have no patch.  (Khandelwal, 2016) says, “Since the AtomBombing technique exploits legitimate operating system functions to carry out the attack, Microsoft cannot patch the issue without changing how the entire operating system works. This is not a feasible solution, so there is no notion of a patch.”

Analysis, Ideas, and Solutions

Looking at some of the above browser based attacks as you can see in the case of the AtomBombing there is little that can be done.  However, there are some general practices that can help an organization and or a normal computer user to defend against a large portion of these attacks, (How to Geek, n.d.).

  1. Keep your browser updated
  2. Enable Click-to-Play Plug-ins
  3. Uninstall Plug-ins you don’t need
  4. Keep Plug-ins updated
  5. Use a 64-bit Web Browser
  6. Run an Anti-Exploit Program
  7. Use Caution When Using Browser Extensions

In a work scenario, many of the above list will be able to be restricted through a group policy.  Many of these browser attacks have specific signature that can be spotted by a good intrusion detection system like SNORT or Dell SonicWall.  Also with a tool like Dell Kace you can track inventory of all web browsers that are being used within a company’s network to make sure there aren’t any legacy browsers floating around.

Network Intrusion

Network intrusion is something that everyone must deal with when connected to the internet whether it’s a person’s home network or work.  (Moskowitz, 2014) defines, “A network intrusion is any unauthorized activity on a computer network.”  Many believe this could be using the network for something it wasn’t intended to do whether consciously or subconsciously. (Moskowitz, 2014) continues, “In most cases, such unwanted activity absorbs network resources intended for other uses, and nearly always threatens the security of the network and/or its data. “

Major Issues, Problems

The largest problem that we have with network intrusion attacks is the scale of which the network is growing.  With the emergence of internet of things, toasters and thermostats now fall susceptible to old attack vectors in networking.  (Hodo et al., n.d.) says, “Research conducted by Cisco reports there are currently 10 billion devices connected, compared to the world population of over 7 billion and it is believed it will increase by 4% by the year 2020.” At an RSA conference a researcher discussed some very popular attack vectors that come up often when discussing network intrusion these are:

  1. Asymmetric Routing
  2. Buffer Overflow Attacks
  3. Scripts
  4. Protocol-Specific Attacks
  5. Traffic Flooding
  6. Trojans
  7. Worms

Intrusion to a network can come in two main forms whether External Intruders, where these are people that will more than likely use malware or exploits to gain access to a system or Internal Intruders, these are people misuse the system by changing important data or theft of confidential data.

Analysis, Ideas, and Solutions

Intrusion detection systems bring the most hope to the defense from many of these attack vectors discussed.  Whether (HIDS) Host-Based or (NIDS) network based.  There are many different flavors of IDS systems and selecting the right system is very important and unique to budget and normal network usage.  Some use signature based others are using anomaly based systems or pattern recognition.  Recently we’ve seen a rise in hybrid approaches taking the best of both worlds.  The four different techniques which are used are Statistical analysis, Evolutionary algorithm, Protocol verification, and Ruled Based or signature based systems.  Ultimately these systems when used appropriately will catch uncharacteristic traffic.  Some need a baseline of traffic to get started some work directly out of the box like a signature based system.  As the networks continue to get more and more complex so do these IDS systems.  The ability to pool known attacks into a signature share through all companies is a powerful tool but now the landscape is changing and attacks are becoming more targeted in nature.  Anomaly based systems need to be used in conjunction with signature based.  Many companies are faced with a resource issues as anomaly based systems need monitoring since the potential of false positives are a lot higher.

 

 

 

References

Hodo, E., Bellekens, X., Hamilton, A., Dubouilh, P., Iorkyase, E., Tachtatzis, C., & Atkinson, R. (n.d.). Threat analysis of iot networks using artificial neural network intrusion detection system. Paper presented at the meeting of the International Symposium on Networks, Computers and Communications, Hammamet, Tunisia.

How to Geek. (n.d.). 7 ways to secure your web browser against attacks. Retrieved from http://www.howtogeek.com/228828/7-ways-to-secure-your-web-browser-against-attacks/

Khandelwal, S. (2016, October 27). This code injection technique can potentially attack all versions of windows. Retrieved from http://thehackernews.com/2016/10/code-injection-attack.html

Moskowitz, R. (2014, December 25). Network intrusion: methods of attack | rsa conference. Retrieved from https://www.rsaconference.com/blogs/network-intrusion-methods-of-attack

Null Byte. (2015). Hack like a pro: how to hack web browsers with beef « null byte. Retrieved from http://null-byte.wonderhowto.com/how-to/hack-like-pro-hack-web-browsers-with-beef-0159961/

OWASP. (n.d.). Category:owasp top ten project – owasp. Retrieved from https://www.owasp.org/index.php/Top10#OWASP_Top_10_for_2013

 

The Theory (Hashing Functions, Salt, Pepper) – Explained

We need to hash passwords as a second line of defense. A server which can authenticate users necessarily contains, somewhere in its entrails, some data which can be used to validate a password. A very simple system would just store the passwords themselves, and validation would be a simple comparison. But if a hostile outsider were to gain a simple glimpse at the contents of the file or database table which contains the passwords, then that attacker would learn a lot. Unfortunately, such partial, read-only breaches do occur in practice (a mislaid backup tape, a decommissioned but not wiped-out hard disk, an aftermath of a SQL injection attack — the possibilities are numerous). See this blog post for a detailed discussion.

Since the overall contents of a server that can validate passwords are necessarily sufficient to indeed validate passwords, an attacker who obtained a read-only snapshot of the server is in position to make an offline dictionary attack: he tries potential passwords until a match is found. This is unavoidable. So we want to make that kind of attack as hard as possible. Our tools are the following:

  • Cryptographic hash functions: these are fascinating mathematical objects which everybody can compute efficiently, and yet nobody knows how to invert them. This looks good for our problem – the server could store a hash of a password; when presented with a putative password, the server just has to hash it to see if it gets the same value; and yet, knowing the hash does not reveal the password itself.
  • Salts: among the advantages of the attacker over the defender is parallelism. The attacker usually grabs a whole list of hashed passwords, and is interested in breaking as many of them as possible. He may try to attack several in parallels. For instance, the attacker may consider one potential password, hash it, and then compare the value with 100 hashed passwords; this means that the attacker shares the cost of hashing over several attacked passwords. A similar optimization is precomputed tables, including rainbow tables; this is still parallelism, with a space-time change of coordinates.The common characteristic of all attacks which use parallelism is that they work over several passwords which were processed with the exact same hash function. Salting is about using not one hash function, but a lot of distinct hash functions; ideally, each instance of password hashing should use its own hash function. A salt is a way to select a specific hash function among a big family of hash functions. Properly applied salts will completely thwart parallel attacks (including rainbow tables).
  • Slowness: computers become faster over time (Gordon Moore, co-founder of Intel, theorized it in his famous law). Human brains do not. This means that attackers can “try” more and more potential passwords as years pass, while users cannot remember more and more complex passwords (or flatly refuse to). To counter that trend, we can make hashing inherently slow by defining the hash function to use a lot of internal iterations (thousands, possibly millions).

We have a few standard cryptographic hash functions; the most famous are MD5 and the SHA family. Building a secure hash function out of elementary operations is far from easy. When cryptographers want to do that, they think hard, then harder, and organize a tournament where the functions fight each other fiercely. When hundreds of cryptographers gnawed and scraped and punched at a function for several years and found nothing bad to say about it, then they begin to admit that maybe that specific function could be considered as more or less secure. This is just what happened in the SHA-3 competition. We have to use this way of designing hash function because we know no better way. Mathematically, we do not know if secure hash functions actually exist; we just have “candidates” (that’s the difference between “it cannot be broken” and “nobody in the world knows how to break it”).

A basic hash function, even if secure as a hash function, is not appropriate for password hashing, because:

  • it is unsalted, allowing for parallel attacks (rainbow tables for MD5 or SHA-1 can be obtained for free, you do not even need to recompute them yourself);
  • it is way too fast, and gets faster with technological advances. With a recent GPU (i.e. off-the-shelf consumer product which everybody can buy), hashing rate is counted in billions of passwords per second.

So we need something better. It so happens that slapping together a hash function and a salt, and iterating it, is not easier to do than designing a hash function — at least, if you want the result to be secure. There again, you have to rely on standard constructions which have survived the continuous onslaught of vindictive cryptographers.

Good Password Hashing Functions

PBKDF2

PBKDF2 comes from PKCS#5. It is parameterized with an iteration count (an integer, at least 1, no upper limit), a salt (an arbitrary sequence of bytes, no constraint on length), a required output length (PBKDF2 can generate an output of configurable length), and an “underlying PRF”. In practice, PBKDF2 is always used with HMAC, which is itself a construction built over an underlying hash function. So when we say “PBKDF2 with SHA-1”, we actually mean “PBKDF2 with HMAC with SHA-1”.

Advantages of PBKDF2:

  • Has been specified for a long time, seems unscathed for now.
  • Is already implemented in various framework (e.g. it is provided with .NET).
  • Highly configurable (although some implementations do not let you choose the hash function, e.g. the one in .NET is for SHA-1 only).
  • Received NIST blessings (modulo the difference between hashing and key derivation; see later on).
  • Configurable output length (again, see later on).

Drawbacks of PBKDF2:

  • CPU-intensive only, thus amenable to high optimization with GPU (the defender is a basic server which does generic things, i.e. a PC, but the attacker can spend his budget on more specialized hardware, which will give him an edge).
  • You still have to manage the parameters yourself (salt generation and storage, iteration count encoding…). There is a standard encoding for PBKDF2 parameters but it uses ASN.1 so most people will avoid it if they can (ASN.1 can be tricky to handle for the non-expert).

bcrypt

bcrypt was designed by reusing and expanding elements of a block cipher called Blowfish. The iteration count is a power of two, which is a tad less configurable than PBKDF2, but sufficiently so nevertheless. This is the core password hashing mechanism in the OpenBSD operating system.

Advantages of bcrypt:

  • Many available implementations in various languages (see the links at the end of the Wikipedia page).
  • More resilient to GPU; this is due to details of its internal design. The bcrypt authors made it so voluntarily: they reused Blowfish because Blowfish was based on an internal RAM table which is constantly accessed and modified throughout the processing. This makes life much harder for whoever wants to speed up bcrypt with a GPU (GPU are not good at making a lot of memory accesses in parallel). See here for some discussion.
  • Standard output encoding which includes the salt, the iteration count and the output as one simple to store character string of printable characters.

Drawbacks of bcrypt:

  • Output size is fixed: 192 bits.
  • While bcrypt is good at thwarting GPU, it can still be thoroughly optimized with FPGA: modern FPGA chips have a lot of small embedded RAM blocks which are very convenient for running many bcrypt implementations in parallel within one chip. It has been done.
  • Input password size is limited to 51 characters. In order to handle longer passwords, one has to combine bcrypt with a hash function (you hash the password and then use the hash value as the “password” for bcrypt). Combining cryptographic primitives is known to be dangerous (see above) so such games cannot be recommended on a general basis.

scrypt

scrypt is a much newer construction (designed in 2009) which builds over PBKDF2 and a stream cipher called Salsa20/8, but these are just tools around the core strength of scrypt, which is RAM. scrypt has been designed to inherently use a lot of RAM (it generates some pseudo-random bytes, then repeatedly read them in a pseudo-random sequence). “Lots of RAM” is something which is hard to make parallel. A basic PC is good at RAM access, and will not try to read dozens of unrelated RAM bytes simultaneously. An attacker with a GPU or a FPGA will want to do that, and will find it difficult.

Advantages of scrypt:

  • A PC, i.e. exactly what the defender will use when hashing passwords, is the most efficient platform (or close enough) for computing scrypt. The attacker no longer gets a boost by spending his dollars on GPU or FPGA.
  • One more way to tune the function: memory size.

Drawbacks of scrypt:

  • Still new (my own rule of thumb is to wait at least 5 years of general exposure, so no scrypt for production until 2014 – but, of course, it is best if other people try scrypt in production, because this gives extra exposure).
  • Not as many available, ready-to-use implementations for various languages.
  • Unclear whether the CPU / RAM mix is optimal. For each of the pseudo-random RAM accesses, scrypt still computes a hash function. A cache miss will be about 200 clock cycles, one SHA-256 invocation is close to 1000. There may be room for improvement here.
  • Yet another parameter to configure: memory size.

OpenPGP Iterated And Salted S2K

I cite this one because you will use it if you do password-based file encryption with GnuPG. That tool follows the OpenPGP format which defines its own password hashing functions, called “Simple S2K”, “Salted S2K” and “Iterated and Salted S2K“. Only the third one can be deemed “good” in the context of this answer. It is defined as the hash of a very long string (configurable, up to about 65 megabytes) consisting of the repetition of an 8-byte salt and the password.

As far as these things go, OpenPGP’s Iterated And Salted S2K is decent; it can be considered as similar to PBKDF2, with less configurability. You will very rarely encounter it outside of OpenPGP, as a stand-alone function.

Unix “crypt”

Recent Unix-like systems (e.g. Linux), for validating user passwords, use iterated and salted variants of the crypt() function based on good hash functions, with thousands of iterations. This is reasonably good. Some systems can also use bcrypt, which is better.

The old crypt() function, based on the DES block cipher, is not good enough:

  • It is slow in software but fast in hardware, and can be made fast in software too but only when computing several instances in parallel (technique known as SWAR or “bitslicing”). Thus, the attacker is at an advantage.
  • It is still quite fast, with only 25 iterations.
  • It has a 12-bit salt, which means that salt reuse will occur quite often.
  • It truncates passwords to 8 characters (characters beyond the eighth are ignored) and it also drops the upper bit of each character (so you are more or less stuck with ASCII).

But the more recent variants, which are active by default, will be fine.

Bad Password Hashing Functions

About everything else, in particular virtually every homemade method that people relentlessly invent.

For some reason, many developers insist on designing function themselves, and seem to assume that “secure cryptographic design” means “throw together every kind of cryptographic or non-cryptographic operation that can be thought of”. See this question for an example. The underlying principle seems to be that the sheer complexity of the resulting utterly tangled mess of instruction will befuddle attackers. In practice, though, the developer himself will be more confused by his own creation than the attacker.

Complexity is bad. Homemade is bad. New is bad. If you remember that, you’ll avoid 99% of problems related to password hashing, or cryptography, or even security in general.

Password hashing in Windows operating systems used to be mindbogglingly awful and now is just terrible (unsalted, non-iterated MD4).

Key Derivation

Up to now, we considered the question of hashing passwords. A close problem is about transforming a password into a symmetric key which can be used for encryption; this is called key derivation and is the first thing you do when you “encrypt a file with a password”.

It is possible to make contrived examples of password hashing functions which are secure for the purpose of storing a password validation token, but terrible when it comes to generating symmetric keys; and the converse is equally possible. But these examples are very “artificial”. For practical functions like the one described above:

  • The output of a password hashing function is acceptable as a symmetric key, after possible truncation to the required size.
  • A Key Derivation Function can serve as a password hashing function as long as the “derived key” is long enough to avoid “generic preimages” (the attacker is just lucky and finds a password which yields the same output). An output of more than 100 bits or so will be enough.

Indeed, PBKDF2 and scrypt are KDF, not password hashing function — and NIST “approves” of PBKDF2 as a KDF, not explicitly as a password hasher (but it is possible, with only a very minute amount of hypocrisy, to read NIST’s prose in such a way that it seems to say that PBKDF2 is good for hashing passwords).

Conversely, bcrypt is really a block cipher (the bulk of the password processing is the “key schedule”) which is then used in CTR mode to produce three blocks (i.e. 192 bits) of pseudo-random output, making it a kind of hash function. bcrypt can be turned into a KDF with a little surgery, by using the block cipher in CTR mode for more blocks. But, as usual, we cannot recommend such homemade transforms. Fortunately, 192 bits are already more than enough for most purposes (e.g. symmetric encryption with GCM or EAX only needs a 128-bit key).

Miscellaneous Topics

How many iterations ?

As much as possible ! This salted-and-slow hashing is an arms race between the attacker and the defender. You use many iterations to make the hashing of a password harder for everybody. To improve security, you should set that number as high as you can tolerate on your server, given the tasks that your server must otherwise fulfill. Higher is better.

Collisions and MD5

MD5 is broken: it is computationally easy to find a lot of pairs of distinct inputs which hash to the same value. These are called collisions.

However, collisions are not an issue for password hashing. Password hashing requires the hash function to be resistant to preimages, not to collisions. Collisions are about finding pairs of messages which give the same output without restriction, whereas in password hashing the attacker must find a message which yields a given output that the attacker does not get to choose. This is quite different. As far as we known, MD5 is still (almost) as strong as it has ever been with regards to preimages (there is a theoretical attack which is still very far in the ludicrously impossible to run in practice).

The real problem with MD5 as it is commonly used in password hashing is that it is very fast, and unsalted. However, PBKDF2 used with MD5 would be robust. You should still use SHA-1 or SHA-256 with PBKDF2, but for Public Relations. People get nervous when they hear “MD5”.

Salt Generation

The main and only point of the salt is to be as unique as possible. Whenever a salt value is reused anywhere, this has the potential to help the attacker.

For instance, if you use the user name as salt, then an attacker (or several colluding attackers) could find it worthwhile to build rainbow tables which attack the password hashing function when the salt is “admin” (or “root” or “joe”) because there will be several, possibly many sites around the world which will have a user named “admin”. Similarly, when a user changes his password, he usually keeps his name, leading to salt reuse. Old passwords are valuable targets, because users have the habit of reusing passwords in several places (that’s known to be a bad idea, and advertised as such, but they will do it nonetheless because it makes their life easier), and also because people tend to generate their passwords “in sequence”: if you learn that Bob’s old password is “SuperSecretPassword37”, then Bob’s current password is probable “SuperSecretPassword38” or “SuperSecretPassword39”.

The cheap way to obtain uniqueness is to use randomness. If you generate your salt as a sequence of random bytes from the cryptographically secure PRNG that your operating system offers (/dev/urandom, CryptGenRandom()…) then you will get salt values which will be “unique with a sufficiently high probability”. 16 bytes are enough so that you will never see a salt collision in your life, which is overkill but simple enough.

UUID are a standard way of generating “unique” values. Note that “version 4” UUID just use randomness (122 random bits), like explained above. A lot of programming frameworks offer simple to use functions to generate UUID on demand, and they can be used as salts.

Salt Secrecy

Salts are not meant to be secret; otherwise we would call them keys. You do not need to make salts public, but if you have to make them public (e.g. to support client-side hashing), then don’t worry too much about it. Salts are there for uniqueness. Strictly speaking, the salt is nothing more than the selection of a specific hash function within a big family of functions.

“Pepper”

Cryptographers can never let a metaphor alone; they must extend it with further analogies and bad puns. “Peppering” is about using a secret salt, i.e. a key. If you use a “pepper” in your password hashing function, then you are switching to a quite different kind of cryptographic algorithm; namely, you are computing a Message Authentication Code over the password. The MAC key is your “pepper”.

Peppering makes sense if you can have a secret key which the attacker will not be able to read. Remember that we use password hashing because we consider that an attacker could grab a copy of the server database, or possible of the whole disk of the server. A typical scenario would be a server with two disks in RAID 1. One disk fails (electronic board fries – this happens a lot). The sysadmin replaces the disk, the mirror is rebuilt, no data is lost due to the magic of RAID 1. Since the old disk is dysfunctional, the sysadmin cannot easily wipe its contents. He just discards the disk. The attacker searches through the garbage bags, retrieves the disk, replaces the board, and lo! He has a complete image of the whole server system, including database, configuration files, binaries, operating system… the full monty, as the British say. For peppering to be really applicable, you need to be in a special setup where there is something more than a PC with disks; you need a HSM. HSM are very expensive, both in hardware and in operational procedure. But with a HSM, you can just use a secret “pepper” and process passwords with a simple HMAC (e.g. with SHA-1 or SHA-256). This will be vastly more efficient than bcrypt/PBKDF2/scrypt and their cumbersome iterations. Also, usage of a HSM will look extremely professional when doing a WebTrust audit.

Client-side hashing

Since hashing is (deliberately) expensive, it could make sense, in a client-server situation, to harness the CPU of the connecting clients. After all, when 100 clients connect to a single server, the clients collectively have a lot more muscle than the server.

To perform client-side hashing, the communication protocol must be enhanced to support sending the salt back to the client. This implies an extra round-trip, when compared to the simple client-sends-password-to-server protocol. This may or may not be easy to add to your specific case.

Client-side hashing is difficult in a Web context because the client uses Javascript, which is quite anemic for CPU-intensive tasks.

In the context of SRP, password hashing necessarily occurs on the client side.

Conclusion

Use bcrypt. PBKDF2 is not bad either. If you use scrypt you will be a “slightly early adopter” with the risks that are implied by this expression; but it would be a good move for scientific progress (“crash dummy” is a very honourable profession).

Network covert timing channels

 

Network covert timing channels are one way of attackers use to communicate with compromised host computers on the internet.  (Cabuk, Brodley, & Shields, 2004, p. xx) says, “A network covert channel is a mechanism that can be used to leak information across a network in violation of a security policy and in a manner, that can be difficult to detect.”  Network covert timing channels are slightly different.  Out of the two covert channels which are storage and timing.  Timing channels involves a sender process that signals information to another by modulating its own use of system resources in such a way that this manipulation affects the real response time observed by the second process, (Cabuk, Brodley, & Shields, 2004, p. xx).

There are two types of covert timing channels that exist, passive and active. (Gianvecchio & Wang, 2007, p. xx) states, “active refers to covert timing channels that generate additional traffic to transmit information, while passive refers to covert timing channels that manipulate the timing of existing traffic.”  These two types of covert timing channels have proven very effective in concealing data transfer over the internet.

Detection is broken down by two different sets of test shape and regularity.  The shape of traffic is described by statistics, mean, and variance.  The regularity of traffic is described by second or higher order statistics or correlation analysis.  Entropy and conditional entropy have shown as promising ways of detection.  (Gianvecchio & Wang, 2007, p. xx) says, “Entropy rate is the average entropy per random variable, can be used as a measure of complexity or regularity.”  This allows administrators to distinguish between randomness of timing of packets and complexity.

 

 

References

Cabuk, S., Brodley, C. E., & Shields, C. (2004). ip covert timing channels. Proceedings of the 11th ACM conference on Computer and communications security – CCS ’04. doi:10.1145/1030083.1030108

Gianvecchio, S., & Wang, H. (2007). Detecting covert timing channels. Proceedings of the 14th ACM conference on Computer and communications security – CCS ’07. doi:10.1145/1315245.1315284

Protecting SQL Databases

SQL Database Vulnerabilities

With more and more information being accessed on line through publicly visible web applications as well as API’s, both mobile and web, finding ways to protect a company’s data isn’t getting any easier.  The top 4 databases are Oracle, MS SQL Server and PostgreSQL.  Most companies are using some flavor of this to retrieve their information, (ServerWatch, 2015).  Each of these servers has specific vulnerabilities however we can look at the broader categories of vulnerabilities that they share when exposed to the public internet.  The top 2 vulnerabilities to web based databases are default and or blank passwords, SQL injection (DarkReading, 2012).

Default and blank accounts are very common.  Keeping up with thousands of blank accounts with weak passwords seems almost impossible in a large company and has exposed many databases.  There are a variety of reasons of why this may happen. (SANS Technology Institute, n.d.) states, “Simply not knowing that a password needs to be changed or assuming that their perimeter firewall will protect them from unauthorized access are some of the reasons for doing so.”  But ultimately the administrators need to know that many of these default accounts are publicly accessible on the internet. Many viruses and malware have the default accounts programmed in their code to test these multiple accounts.  The Voyager Alpha for instance scans the internet for port 1433 which is the port for MS SQL server and upon discovery will attempt to login with the blank password to gain access, (SANS Technology Institute, n.d.).  Removing default, blank and weak log-in credentials is an important first step for filling chinks in your database armor, (DarkReading, 2012).

SQL Injection is another top vulnerability which tops on almost every list which includes DarkReadings top 10 and also OWASP top 10.  (DarkReading, 2012) defines it best by stating, “When your database platform fails to sanitize inputs, attackers are able to execute SQL injections similar to the way they do in Web-based attacks.”   In a recent study 65 percent of companies experienced SQL injection in a 12-month period which evaded their web based defenses, (Ponemon Institute, 2014).  The defenses for SQL injection can be prepared statements instead of the dynamic statements which allow user input directly in the query.  Use of stored procedures in a safe way which means the stored procedures does not contain any unsafe dynamic SQL can also benefit the defenses of SQL Injection.

 

References

DarkReading. (2012, November 1). The 10 most common database vulnerabilities. Retrieved from http://www.darkreading.com/vulnerabilities—threats/the-10-most-common-database-vulnerabilities/d/d-id/1134676

OWASP. (n.d.). sql injection prevention cheat sheet – owasp. Retrieved from https://www.owasp.org/index.php/SQL_Injection_Prevention_Cheat_Sheet

Ponemon Institute. (2014, April 12). The sql injection threat study. Retrieved from http://www.ponemon.org/local/upload/file/DB%20Networks%20Research%20Report%20FINAL5.pdf

SANS Technology Institute. (n.d.). The risk of default passwords. Retrieved from http://www.sans.edu/research/security-laboratory/article/default-psswd

ServerWatch. (2015, September 8). Top 10 enterprise database systems in 2015. Retrieved from http://www.serverwatch.com/server-trends/slideshows/top-10-enterprise-database-systems-to-consider-2015.html

Set up your lair

I decided to create this post to show people how to get up and running.  Ideally you would want to have a workstation (host) and multiple VMs which can be numerous ISO’s for you to practice on.  For people to learn how to get started this video explains a lot of initial setup.  This shows the ISO Metasploitable.  There is a bunch of video’s on this topic but this one seems the most thorough and clear.  I’ll continue to update this post with new links to some of my favorite VMs and links.

Hardware

SANS Suggestions from 2014 – Pentest Lab Hardware – https://pen-testing.sans.org/blog/2014/02/27/building-a-pen-test-infrastructure-hacking-at-home-on-the-cheap

BotNets – Sneak peak at the Zombie Army


Sneak Peak into the Zombie Army

by Steven Leath

Sneak Peak into the Zombie Army

           One of the most underestimated attack strategies by security analyst used today by some of the most elite hacker groups in the world including military organizations is known as a botnet.  It’s the Swiss army knife of attacking strategies.  It allows hackers to take a single attack to the next level.  What’s better than one hacker on one computer trying to attack a target system?  A hacker that controls hundreds or thousands of computers or Zombies to orchestrate a well-planned attack. We’ll take a deeper look into the ultimate attack strategy of choice.  There are a few ways that make this the ultimate attack strategy through versatility of sub attacks, the amount of cover, and scalability.

            According to Microsoft, “Criminals typically use bots to infect large numbers of computers. These computers form a network, or a botnet.” A botnet is a network of compromised computers that communicate back to a command server that a hacker controls.  There are multiple types of Botnet’s but this one is the most typical.  We considered this to be a command and control botnet.  See figure 1.  Now an attacker can take on global sized networks. The new method of botnets has moved to a hybrid approach where the command server is hidden.  Allowing each infected computer to be a potential command server making this hard for security professionals to detect a controller.  According to info sec institute, “Each node of the network has a list of addresses of “neighbor” bots with which they communicate and exchange commands. In a similar structure, each bot could send orders to others and attackers to control the entire botnet, but they need access to at least one computer.”  This hybrid structure is known as a peer to peer network and is depicted in figure 2.

            Botnets can also vary in different languages depending on the type of work that the attacker may want to accomplish.  If an attacker wants to target banking information maybe he wants to take advantage of the Zombies browser capabilities to conduct a man-in-the-browser attack.  This might require the bot to use more JavaScript based malware options.  If the intent is to use a botnet for computing ability independent of the Operating System or underlying architecture then an attacker might use Python to take advantage of the ability to run on any system.  The Zeus botnet for instance is the most well-known command and control botnets in existence.  This botnet focuses on using HTML to inject and hijack a zombie’s computers browser and steal information.  Enigma Software reports, “The Zeus Trojan is the number one botnet which has reportedly infected over 3.6 million computers in the United States.”  Depending on what the attackers intentions are this could change the botnet entirely.

            The reasons that an attacker may use a botnet strategy can vary.  An attacker could use the numbers in efforts to create a DDOS, Denial of Service attack.  Which can be a setup to increase traffic on a network, while a hacker penetrates a networks infrastructure. Then the possibility of using the zombies to synchronize a simultaneous attack to render a system useless after an attack.  Or for high profile attacks to cover tracks. Or an attacker can use the botnet strategy for sending email and spamming. Botnets can also be used as such with the Zeus strand of botnets to hijack bank information and sell stolen information on a black market. In Table 1 you can see a few of the different functionalities that a few strands of botnet give a potential attacker.

            Currently botnets are still in use and in the wild.  The evolution of botnet architecture has expanded to mobile platforms.  These viruses such as the Zeus are taking many different permutations such as the Game over Zeus or P2P Zeus botnet.  Which has an android component to it which is typically the delivery method, which targets android porn users.  The Inquirer reported, “Gameover Zeus has already resulted in the illegal transfer of millions of pounds around the world and the (UK)NCA claims that its appearance in the UK could cost computer users losses running to millions more.”  This is one of many of the different mutations of the botnets found in 2014 and we can be sure that security analyst and researchers are going to find many more.  This botnet is also considered to even have a form of Ransomware inside which uses the Cryptolocker application to encrypt your computer files.  To name a few mobile mentions according to trendmicro would be Zitmo, DroidDream, Android.Bmaster, and ikee.b.

            These recent catches in botnets has led us to ask the question what users do to protect themselves from these types of botnets.  Well there are preventive actions that government agencies are using to slow down the peer to peer or hybrid botnets which are called sink holes.  This isn’t a way to stop the botnets but to merely make sure they aren’t active.  Since the hybrid P2P botnets don’t have a distinct command server. The security professionals just need to redirect the zombies to a false domain.  This false domain is the sink hole.  However once a bot-master discovers the sink hole he can then enable more zombies and shed the zombies that are pointed to the sink holes.  But this is only effective if the security professional can get a large number of zombies faster than the bot master can set them up.  Users may want to make sure there antivirus’s are up to date and also that they aren’t clicking on any fraudulent links.  Keeping them away from spam.  Also I would suggest keeping yourself knowledgeable on security breaches in the community especially if you do a large amount of work on the internet.  There is also new hope for enterprises and researchers which is Sandboxing technology.  Which allows users to isolate potential malware files.  This also allows researchers to study the different ways that these viruses are working.  So the more we learn about these types of attacks the better we’ll be at defending future attacks.

References

Higgins, K. (2010, February 10). The Top 10 Enterprise Botnets. Retrieved fromhttp://www.darkreading.com/risk/the-top-10-enterprise-botnets/d/d-id/1132963?

Different Types of Bots. (2008, August 10). Retrieved from http://www.honeynet.org/node/53

Ollmann, VP Research, G. (n.d.). Household Botnet Infections. Retrieved fromhttps://www.damballa.com/household-botnet-infections/

Global Botnet Threat Activity Map. (n.d.). Retrieved from http://www.trendmicro.com/us/security-intelligence/current-threat-activity/global-botnet-map/

What is a botnet? (n.d.). Retrieved from http://www.microsoft.com/security/resources/botnet-whatis.aspx

Top Banking Botnets of 2013. (2014, March 3). Retrieved from http://www.secureworks.com/cyber-threat-intelligence/threats/top-banking-botnets-of-2013/

Merriman, C. (2014, June 3). FBI issues arrest warrant over Gameover Zeus botnet. Retrieved fromhttp://www.theinquirer.net/inquirer/news/2347808/national-crime-agency-warns-about-botnet-epidemic

Tables

Table 1

Feature MITB Redirect Back
connect
Screenshots Video
capture
Proxy Certificate
stealer
Zeus Y Y Y Y Y Y Y
IceIX Y Y Y Y Y Y Y
Citadel Y Y Y Y Y Y Y
Gameover Y Y Y Y Y Y
Shylock Y Y Y Y Y
Bugat Y Y Y Y Y Y
Gozi Y Y Y Y
Torpig Y Y Y Y Y Y

Figures

CANDCBOTNET

Figure 1. This is the command and conquer botnets.  Where all infected computers speak back to the C&C server that a hacker controls.

HYBRID_BOTNET

Figure 2.  This shows the new image of botnets in 2014.  This highlights the evolution from C&C botnets.

OPM security breach – Revisited

[iframe src=”http://www.nbcnews.com/widget/video-embed/494991939826″ width=”560″ height=”315″ frameborder=”0″ allowfullscreen]

The U.S. is one of the most targeted countries in the world for cyberattacks.  Many different attacks from overseas are conducted on a daily basis.  Hacking attacks cost the US firms on average $15.4 million dollars (Griffiths, 2015).  Many of these attacks have originated from china.  What’s been alarming is the amount of attacks that have been on the government, utility facilities, and military infrastructure, also known as critical infrastructure.  What is behind these cyberterrorist attacks?  What motivates these threat actors to target the United States?  One of the most significant critical infrastructure attacks was the attack on Office of Personnel Management.

OPM Security Breach

The Office of Personnel Management was attacked by malware being installed which allowed the attackers to siphon data and maintain access.  On July 7th 2014 hackers gained credentials to access OPM’s local area network.  These hackers then went ahead and installed malware which allowed them to create a backdoor for exfiltration of data from the network.  The background investigation data didn’t start until July 3, 2014 and continued until August.  In October the attackers were able to pivot the malware and its attack and target the Interior Department Data Center where the OPM keeps the personnel records for 4.2 million people.  The most disturbing thing is that OPM officials didn’t know about the attack until April 15, 2015.  This was only due to the identification of suspicious SSL traffic with a decryption tool.  Department of homeland security and OPM responded by putting this malware into Einstein, a malware analysis tool which located the signature in network traffic flow.

Threat Actors

When the security breach took place it was during a highly political battle between the White House and China.  Chinese president Xi Jinpig spoke in visit to the US and said that China was the victim of multiple cyberattacks themselves (Peterson 2015). With Congress staying away from naming an attacker, Capitol Hill was heavily criticized for how they handled the incident.  (Lyngaas, 2015) says, “all official signs thus far have pointed to China as a leading suspect.” NBC News obtained a secret map that showed detailed cyberattacks conducted by China against different regions in the United States.  This map was part of a NSA briefing that was conducted before the OPM attack in 2014.  (WINDREM, 2015) states, “It catalogued the documents and data Chinese government hackers have “exfiltrated” stolen from U.S. corporate, government and military networks, and also listed the number and origin of China’s “exploitations and attacks.”  This information coupled with the ability to pinpoint a strategic attack like this definitely puts China hackers at the top of the list.

NBC News says this is China’s effort to build a massive database on Americans. (Nakashima, 2015) states, “Rich Barger, chief intelligence officer of ThreatConnect, a Northern Virginia cybersecurity firm, we suspect they’re using it to understand more about who to target [for espionage], whether electronically or via human ­recruitment.”  This is such a large target attack towards US personal information that it wouldn’t fit the profile of a hacktivist group and these were professional hackers not script kiddies as the malware was undetected by conventional antivirus software already installed on the computers.

Every sign points to cyberterrorist or nation state hackers.  The only people who would go after this personal data would be someone looking to reuse the information in more targeted attacks.  This is part of a larger information gathering attempt on China’s part. The same Chinese group is behind the hacks of Premera Blue Cross and Empire BlueCross, which were discovered about the same time earlier this year. This would allow them to carry out more targeted attacks on government officials and critical infrastructure in the United States.  The data can also be used to identify potential spy recruits.  The data that was obtained goes as high up the chain as cabinet officials.

Discouraging Attack on OPM

The ability for Chinese hackers to break in started with the hackers obtaining credentials.  These credentials were compromised probably through some type of phishing scheme.  Nation-state-backed hackers are capable of cloaking and varying attacks to render them undetectable by tools that rely on recognizing known threats. According to the DHS timeline, adversaries were inside the OPM network for 10 months before their malware signatures were plugged into Einstein.  If at all possible there is a need for constant monitoring of all channels and the ability to get Einstein involved earlier would have been helpful.  Also the ability to do a qualitative assessment of what the critical data that was being stored is a large part of knowing where OPM’s sensitive data is.  Then applying the proper security controls around these areas.  It seems as though the Chinese hackers were able to pivot in the system fairly easy with little restraint.

 

 

Figure 1. Cyber intrusions by China directed at the United States

 

Continue reading OPM security breach – Revisited