Crypto
A distinguisher for SHA256 using Bitcoin (mining faster along the way)
This post assumes a passing familiarity with what a Distinguishing Attack on a cryptographic hash is, as well as the high level composition of Bitcoin block headers and mining them. tldr: To distinguish between an ideal random permutation hash and SHA256, hash a large amount (~2^80) of candidate 1024 bit blocks twice, as done in Bitcoin. Ensure that the bits of the candidate blocks are sparsely set (much fewer than…
Recreating certificates using Apostille
Sometimes on an engagement, you’d like to construct a believable certificate chain, that you have the matching private keys for. An example might be that a mobile app is doing cert pinning, based on attributes of the signing certificate, such as the Canonical Name (CN), serial number, or Issuer, or that you are intercepting an embedded app that only supports a particular algorithm. Whatever the reason, it’s a fairly complicated…
BlackHat Conference: Z-Wave Security
We are publishing the research paper and tool for our BlackHat 2013 USA talk on the Z-Wave proprietary wireless protocol security. The paper introduces our Z-Wave packet interception and injection toolkit (Z-Force) that was used to analyze the security layer of Z-Wave protocol stack and discover the implementation details of the frame encryption, data origin authentication and key establishment process. We developed the Z-Force module to perform security tests against…
Solution for the BlackHat Challenge
We had published a network protocol analysis challenge for free entry to our BlackHat 2012 Vegas training courses and received seven correct answers. We’d like to thank those who attempted this challenge and hope that they find it useful. The winner, Peter Af Geijerstam managed to respond first, with the correct answer. As a result, he wins a free place on any of our Hacking By Numbers courses. Here is a…
BlackHat Challenge
This year marks a special anniversary for us at SensePost in that we’ve been training at BlackHat for over a decade now. To celebrate this, we thought we’d give away a free ticket to any of our courses on offer at this year’s BlackHat Briefings in Las Vegas. With data breaches happening almost on a monthly basis these days, everyone is turning to encryption in order to protect their information.…
Decrypting iPhone Apps
This blog post steps through how to convert encrypted iPhone application bundles into plaintext application bundles that are easier to analyse. Requirements: 1) Jailbroken iPhone with OpenSSH, gdb plus other utilities (com.ericasadun.utilities etc. etc.) 2) An iPhone app 3) On your machine: otool (comes with iPhone SDK) Hex editor (0xED, HexWorkshop etc.) Ida – Version 5.2 through 5.6 supports remote debugging of iPhone applications (iphone_server). For this article, I will…
Decrypting Symantec BackupExec passwords
BackupExec agent is often among common services found on the internal pen tests. The agent software stores an encrypted “logon account” password in its backend MS SQL database (LoginAccounts table). These accounts include the “system logon account” which is used to run agent services and an optional number of active directory accounts that are used to access resources over the network. The following scenarios can result in access to encrypted…
Two quick links on “how your app got hacked, even though it looked ok”
The first one from hacker news, aptly titled “How I Hacked Hacker News (with arc security advisory)” and the 2nd, a welcome-back-to-the-blogosphere-tptacek post on the matasano blog: [Typing The Letters A-E-S Into Your Code? You’re Doing It Wrong!] /mh PS. for those going, man i wish someone would break down the important crypto stuff for me in a way thats understandable without being patronizing, there is Chris Eng and his…
Chris Eng 1 – 0 Verizon DBIR Cover
Chris Eng over [at the Veracode blog] documents how he approached, and decoded the info behind the [2009 Verizon Data Breach Investigations Report ] Its an interesting read, and although in the end it turned out to be just a [Vigenère cipher] and fell to (effectively) a [known plaintext attack], its def. worth the few minutes it will take to read..
Page 1 of 1