Home The News
Follow us on Twitter

Sponsored Links

Regulatory Updates

Follow us on Twitter
The News
ATM Hacking, GSM Exploits, and B-Sides- Oh My! PDF Print E-mail
Written by Jeromie Jackson   
Friday, 06 August 2010 16:52

EFF Mohawk

 

Blackhat and Defcon always are a great time in Las Vegas for security practitioners and hackers alike. True to form, this year hit the mark again! Here's a rundown on some of the more interesting findings/talks during the conventions. The Electronic Frontier Foundation (EFF) is an organization focused on defending free speech, privacy, innovation, and consumer rights. I have seen their services in action and I highly endorse their activities. At Defcon there was a mohawk fund raiser for EFF, quite a few roaming the halls during the event.

EFF Mohawk 2

ATM Hacking

A presentation was given showing security weaknesses within a couple of ATMs. In one of the hacks he exploits the machine via the network. In the other he exposes a USB connection on the device which allows him to install malware. Here's a video of his presentation.

GSM Exploits

There were a couple presentations about GSM exploitation. In one discussion Chris Paget discussed an IMSI (International Mobile Identity Subscriber) catcher he developed for about $1500.00 that allowed him to impersonate a cell tower. Here's a video of his presentation. Phones would see the tower, which had a high signal strength, then connect allowing for interception of phone conversations.

Drivesploit

Most of us heard a ton about the Aurora attack that happened not too long ago. A presentation at B-Sides discussed a new Metasploit module that will allow script kiddies to easily conduct drive-by attacks. Here is a copy of the presentation discussing the topic and tool.

 

Parties

Scooter_Wars

Technology Integration Group (TIG) threw a great party at the Hardwood Suite in the Palms. It was a long hard night, but I had to take one for the team and made it to be slightly before sunrise.

Netwitness had a nice event at the top of the Pure Nightclub in Cesears Palace. Thanks go out to Scott Williams of Netwitness for the hook-up!

Rapid7 threw down another great party at the Playboy Suite in the Palms. If you know these guys they are VERY high energy. They make Nexpose, one of my preferred tools in my penetration testing and vulnerability assessment toolbag.

Ninja Party was off the hook. An invite only party which creates some very cool badges for entry. A HUGE venue. Here's a 360 video of the event that night.

 

B-Sides is an event held alongside Defcon & Blackhat in Las Vegas. Lots of hardcore talks were held, as usual, however the location was definitely kicked-up this year. An estate not too far from the strip, the location rocked. Here's a link to the details along with the presentations. Here's a video of the event from the cabana in the middle of the pools.

A great event with friends, prospects, and customers. When you're ready to address security for your organization, you know who to call.
 
OWASP San Diego- Finding 0-Day Attacks In Code & On Your Network! PDF Print E-mail
Written by Jeromie Jackson   
Wednesday, 05 May 2010 15:20
OWASP-San_Diego_5-2010
 
Lockpick Grinding PDF Print E-mail
Written by Jeromie Jackson   
Thursday, 28 January 2010 19:05

Lockpick_Grinding
I am obsessive compulsive when it comes to hobbies. I find an interest, get completely immersed in it, and then generally move on. Luckily this was not the case for my interests in information security! A great example is bass fishing. I went from enjoying simply pulling crankbaits through the water to melting my own plastic and creating my own creature molds to make plastic worms out of. Not too off-base, I did the same with lockpicking. I went out and bought a bench grinder, hacksaw blades, and utilized my existing belt sander to create my own lockpicks.

 

I have thus far made picks out of hacksaw blades, butter knives, and sawzall blades. The hacksaw blades work very well and were cheap to make. The butter knives I bought, cheap ones, did not seem to have adequate tinsel strength which resulted in the picks breaking off in the lock. The sawzall blades were fat and required grinding to thin the width of the shank out, but I liked the result a lot! I later made an electric lockpick out of a woman's razor.

 

Since then I've purchased a set of commercial lockpicks, a lockpick gun, a Dyno-Quick pick rake, and many books. I have noted that the type of metal makes a big difference in the feel of the pick. Much like the sensitivity difference between Fluorocarbon & Monofilament fishing lines, the qualities of the metal in the pick changes the feel. For raking I definitely prefer a softer metal- the Dyno & the sawzall blanks are my favorites for rakes. For single picking I prefer the commercial or hacksaw sets. I also noted in torque wrenches you obtain different sensitivity. I ground down an Allen wrench and love the high sensitivity of the device!

 

You can check out videos of how I made the picks here

 

 

Follow-me on Twitter and stay up-to-date with my latest shenanigans. I've acquired a RFID read/write device and plan on spending some quality time with it. I equally have been studying a good payload to drop-off during Red Team assessments. I'm currently working with either Netcat or Metasploit with various types of packing/compiling/encryption techniques to evade antivirus software.
 
Sushi & Sake- An OWASP Hacker Dojo PDF Print E-mail
Written by Jeromie Jackson   
Wednesday, 20 January 2010 17:31
OWASP Meeting
Last Updated on Thursday, 28 January 2010 19:09
 
Securing Data Centers by Breaking Into Them PDF Print E-mail
Written by Jeromie Jackson   
Monday, 28 December 2009 18:17

The locks on the building were of good quality.  They were 6 pin Schlage tumbler locks that incorporated 1 or more security pins.  Here's what the internals of a lock look like:

Lock

Theoretically any lock of this type is pick-able.  Raking is the first technique we used, unsuccessfully.  We then began trying to single pick the pins.  Over 30 minutes went by between the two methods used.  While impatiently waiting I looked around, hunting for other avenues into our goal.

Lockpicking

While standing there, I noted the screws in the window were on our side of the door!  After unscrewing a screw we found the shank appeared to be long enough to go through he door.  Removing the other 9 screws, and a weather seal, out came the window, and we were on the 3rd floor.  From our reconnaissance earlier in the day we knew there was motion sensors run the length of the hallway.  Crawling over to the closest door, in order to evade the sensor, my partner began picking the interior door on the office.  After 20 minutes, without progress, we decided for him to make the LONG crawl down the hallway to where we had identified a poorly installed door that exposed the plunger.  Popping the plunger with a “Lucky-7,” house number from Home Depot, the door was opened.  He came around to the other door closer to me, opened the door, and I crawled my way over to the now opened interior door.

With no interior motion sensors we had free reign in the office.  We obtained several documents containing social security #'s and other confidential data.  Taking several tables that were available we stacked them and I jumped over the drop ceiling into the datacenter- mission completed!  We took some video, gathered evidence, and left a note for our point of contact on a monitor in the datacenter.  Everything was put back the way it was originally, the window in the hallway door was re-installed, and we made our exit through to the stairwell onto the main street- a clean getaway!

Our contact arrived at 7:30 the following morning, just as every other day.  He went to his desk, found nothing out of the ordinary, and worked through the morning.  Around noon he had to enter the datacenter for a task that needed physical access to one of the servers.  He looked over to the monitor and found our note: “Dear <Point of Contact>, Please call us to discuss your physical security.  Jeromie & Eric.”

I will be following up with several articles about circumventing several physical security devices such as HID Proximity cards, some good info and sources for lock picking, creating lockpicking tools, and definitely more on my infosec penetration testing as well.  Be sure to follow-me on Twitter!
Should you need any security assessment, regulatory compliance, web-application testing, social engineering, or red-team engagement, I would certainly appreciate the opportunity to earn your business!
Last Updated on Monday, 28 December 2009 18:20
 
More Articles...
<< Start < Prev 1 2 3 4 5 Next > End >>

Page 1 of 5

Valid XHTML and CSS.