However, finding these logical vulnerabilities in protocol implementations of routers demands great efforts to reverse-engineer them. Why does hashcat not work with my Kali operating system? The UART provides direct support for a two-wire or a four-wire RS style full-duplex serial interface, but it also provides direct support for a half-duplex RS serial interface. The security of these cars is not only a technological issue, but also an issue of human safety. We'll cover recent technological advancements in this area, then combine these with our case studies to provide evidence-based techniques on how to prevent, not just mitigate, credential phishing.
If all the hashes in your hashlists are of the same hash-type, it is safe to copy them all into a single hashlist. This tool allows one to specify 3 different (or identical) wordlists as command line parameters, and it will combine each word within the first wordlist with each word from the second one and each word from the third wordlist. Please note the actual performance will vary depending on attack type, number of hashes, number of salts, keyspace, and how frequently hashes are being cracked. Features: based on a combination of 3 Tausworthe generators. The reason for this is that the hashcat tools are command line tools only. Using VIX to interact with a virtual machine requires the administrator to pass through two distinct domains:
However, it's nothing that hashcat has any influence on. To avoid this you need to use the -n parameter. This error may have different reasons, which will all be mentioned shortly, but in general it means that the hash file (or the hash specified on the command line, in the case of hashcat) could not be parsed successfully and therefore the hash could not be loaded. Now that we know the different types of error messages that will be shown, we will also investigate the most common reasons for these error messages:
Depending on the type of error, you will either see the variants mentioned in case 1 or case 2 of the error message. For case 2 you need to troubleshoot that the file exists (if you indeed want to specify a hash file) or that the format of the hash specified on the command line is correct.
To make sure that the hash follows the expected hash format, visit the example hashes wiki page. That is because hashcat legacy does not remove duplicate hashes from the input hashlist.
If the same hash appears multiple times in your hashlist, only the first one will be cracked. This means, even if you use --remove, it's possible that you end up with a hashlist that still contains a cracked hash.
To avoid such problems, make sure you remove duplicate hashes from your hashlist before you run it with hashcat legacy. Since hashcat automatically removes such duplicate hashes on startup, you don't have to worry about this. In theory, it should. The only problems we can imagine are that either Kali is simply using an invalid driver or that you did not download hashcat directly from https: In the past, there was a problem where Kali still used a very old glibc that was incompatible with the one from Ubuntu.
When we compiled new hashcat or hashcat-legacy binaries, the compiler used the glibc from the host system. To work around the problem, we switched to a hashcat-legacy-specific toolchain, which uses an older glibc that is compatible with the one used in Kali.
So this specific problem should not exist anymore. However, if you use such unsupported rules, both hashcat and hashcat legacy simply skip over them and give you a warning; they are not applied. This means you can simply use them, and the ones that are fully compatible are applied. Please use maskprocessor to generate those rules.
This is a typical error. There can't be a specific wordlist for specific hash-type targets. That means hashcat knows all the different minimum and maximum limits of a specific hash-type and filters non-matching words from your wordlist on the fly. Don't worry about such cases! The preferred method is to use GitHub issues.
You can download the source code from: Team Hashcat is a team of hand-selected enthusiasts who devoted themselves to representing the name Hashcat in cracking contests.

Table of Contents
Why does a window pop up and close immediately?
I am a complete noob, what can I do to get started?
Why are there so many binaries, which one should I use?
How do I verify the PGP signatures?
Is there a hashcat GUI?
How do I install hashcat?
How does one install the correct driver for the GPU(s)?
GPU device not found, why?
I may have the wrong driver installed, what should I do?
What does the cuModuleLoad error mean?
What does the clGetPlatformIDs error mean?
What does the clBuildProgram error mean?
What does the clCreateBuffer error mean?
What does the clEnqueueCopyBuffer error mean?
What does the cuStreamSynchronize error mean?
What does the error:
I got this error message:
I see only the usage, it seems to be a syntax error.
What is a hashcat mask file?
What exactly is a weak hash?
What is a potfile?
How can I identify the hash type?
"Cracked", but did not print the hash value, and the outfile is empty.
What is a keyspace?
How to deal with special non-Latin characters (Chinese, Arabic, etc.)?
Why should I use a mask attack?
I want to optimize my Brute-Force attack by ordering letters by frequency in a custom charset. How to do it? Does it make sense?
I want to use rules, but there are three different parameters. When do I use -r, -j and -k?
OK, there is a hybrid attack for append mask and prepend mask, but what if I want to use both at the same time?
When I use --increment in a hybrid attack, how does that work?
How to use multiple dictionaries?
When I run an attack with -a 3 and I do not specify a mask, I see it working but what is it doing?
How does one use the new prince attack mode with hashcat legacy?
I have a half-known password. I know the first 4 letters, can hashcat get the rest of the password?
Why are there two different hash-modes for Vbulletin?
How much faster is cracking on Linux compared to a Windows operating system?
How can I perform a benchmark?
My desktop lags too much, anything I can do to avoid it?
Is the 64 bit version faster than the 32 bit version?
What is it that you call "GPU power"?
How to create more work for full speed?
Is piping a wordlist slower than reading from file?
Why is my attack so slow?
How is it possible that hashcat does not utilize all GPUs?
Why does hashcat sometimes get very slow at the end of an attack?
Can I restore a hashcat session?
I read somewhere to use VCL for distributed cracking, is this still a thing?
Can hashcat send an email once a hash has been found?
I got a hash cracked on a different computer, can I tell hashcat about that while it is running?
How do I extract the hashes from Office (Word, Excel, etc.)?
How do I extract the hashes from PDF documents?
How do I extract the hashes from TrueCrypt volumes?
How do I extract the hashes from VeraCrypt volumes?
How can I crack passwords from htpasswd?
How can I crack SL3?
How can I crack multiple WPA handshakes at once?
What does "rejected" mean in the status view?
What is the maximum supported password length?
What is the maximum supported salt length?
What is the maximum supported password length for optimized kernels?
What is the maximum supported salt length for optimized kernels?
I do not want hashcat to reject words from my wordlist if they are too long, can it truncate them instead?
How can I perform a combinator attack with three wordlists (triple combinator, 3-way combinator)?
Can I load multiple hashlists at once?
I want to skip password candidates that have repeating characters.
LM consists of two hashes that are split for use with hashcat. How do I get them back into one piece?
How can I make sure that my GPU is supported?
What is the best GPU for hashcat for "total speed", "speed by watt" and "speed by price"?
Is there a general benchmark table for all GPUs?
My GPU overheats sometimes. Can hashcat automatically pause in case of overheating, or with a script?
Why does the temperature reported on the status screen not match the temperature in Afterburner?
How many GPUs can hashcat handle?
Why does hashcat show the wrong GPU memory when I start it?
I created a hash with "echo test | md5sum" but hashcat fails to crack it.
Line-length exception, wait what?
When I use --remove with hashcat legacy the hash sometimes remains even if it was cracked.
Why does hashcat not work with my Kali operating system?
Can I use JtR rules with hashcat?
Which wordlists are recommended for WPA cracking?
Where can I download the source code?
What is Team Hashcat?

The reason for this is that the hashcat tools are command line tools only.
First, you need to know the details about your operating system: Start by downloading the signing key: Signature made Sat 30 Jun This key is not certified with a trusted signature! There is no indication that the signature belongs to the owner. You want the top download, which will give you a graphical front-end named Kleopatra. Click on Settings, then Configure Kleopatra. You want to add a keyserver.
If Kleopatra doesn't automatically fill everything in for you, use the following settings: Open up Windows Explorer and navigate to your downloads directory. Verify that the input file is the . For example, you can use the following under Kali Linux: Ensure you have the precise driver version recommended on https: Install the drivers directly from nvidia.
Make sure you download the correct driver: Make sure to stick exactly to the version noted on the hashcat page. Do not install them unless you know what you are doing! If you already have a conflicting driver installed, see "I may have the wrong driver installed". Completely uninstall the current driver. If you installed the driver via a package manager (Linux), then you need to remove these packages too. You should find at least 2. This step is very important!
Install the driver recommended on https: Download and extract under Linux, make sure to use: Please update your ForceWare driver to the latest one not the recommended one. Open an issue on github. We will add support for your GPU with the next release.
Please use the x flag to decompress 7z archives. We will add your GPU with the next release. If you are positive that you have capable GPUs you can try the following suggestions to fix your system: Is your display manager configured correctly?
Did you use the recommended driver for the hashcat version you use (mentioned on the download page)? Make sure you have the latest hashcat version. You can adjust the following parameters to reduce your total rule count: It should say something like this: To find out which GPU you have, you can run: The potfile stores which hashes were already cracked, and thus won't be cracked again.
For example, if your cracking session is finished and you want to have a left list, you simply run: It's also safe to copy or append the data from one potfile to another. There is no concrete method for identifying a hash algorithm using the hash alone.
The hash will not be cracked again for the following reasons: If it was found in the. To accomplish this, you need to use the --show switch.
The keyspace is calculated according to the following formulas for each program: There's no built-in character conversion in hashcat, but this doesn't mean you cannot crack them: An easy solution would be to simply convert your wordlists with iconv: But note, nowadays a lot of sources use utf, which makes things a bit more complicated.
If the --increment option is not used, the mask specifies a fixed length, because min and max length would both be set to the length implied directly by the mask itself. You can use --increment (short: -i), --increment-min and --increment-max.
Examples of correct commands: Examples of incorrect commands and reasons why they are incorrect: Firstly, we need to distinguish 2 different cases: If you use hashcat with a Dictionary attack (-a 0) you can specify several dictionaries on the command line like this: For hashcat you need to use a pipe and the princeprocessor standalone binary from here: Mask Attack. Now that you've read the Mask Attack article, it's easy to explain.
Vbulletin uses a scheme that is simply written like this: So this is basically the same as running: The parameters you should consider when starting a benchmark are: For hashcat legacy, yes. For hashcat (by only using your GPUs), no. You can however allocate more memory, and that might help with other problems. You can see the number of shaders of your GPU on startup. For example, 32 on hd There are two solutions: Use rules, but not in amplifier mode.
Basically this means you feed oclHashcat over a pipe like this: Sometimes it can make sense to use maskprocessor. Note this should be used only for very small keyspaces. No, piping is usually equally fast. To find out what maximum speeds you can expect from your system, run a benchmark (see "How can I perform a benchmark?"). Real-world speed can vary depending on the number of hashes and the attack mode. You can add more pressure on the GPU using the -w 3 parameter.
Your GPUs are overheating. The more hashes there are in your hashlist, the slower the speed gets. The biggest difference is between one and more than one hash, because for a single hash hashcat can use special optimizations which can only be used when cracking just a single hash. Some hashes are designed to run slow, like bcrypt, scrypt or bitcoin wallet.
This happens when you see this message: The command line switch you are looking for is --restore. The only parameters allowed when restoring a session are: All you need to ensure is that no files have been modified. If you want to make use of multiple computers on a network, you can use a distributed wrapper.
There are some free tools: Hashtopus even works over internet connections. The reason behind this is that hashcat and hashcat legacy have this prompt: To avoid this, we have to put hashcat into canonical mode and set the buffer size to 1.
This kind of looping will only stop if no more plains match. The rules are as follows: This is true for TrueCrypt 7. For TrueCrypt versions before 7.
The explanation for this is that the volume header which stores the hash info is located at the last sector of the first track of the system drive. Since a track is usually 63 sectors long (1 sector is bytes), the volume header is at sector 63 - 1. The format of htpasswd lines is: Start by going somewhere else. We don't care where you go from there. There are 2 possible reasons why some password candidates are being rejected: There's no easy or general answer.
Thing is, it depends on many factors. Many algorithms can be optimized based on the fact that zero values in arithmetic or logic operations do not change the input value. With a password limit of less than 16 characters, it was guaranteed that values for positions were zero, allowing us to omit dozens of operations from each step.
As adoption of containment technology spreads to browsers and other software, we see the value of exploits continue to rise as multiple vulnerabilities must be chained together with extreme levels of binary artistry to achieve full system control. As such, there has recently been a high demand to identify kernel vulnerabilities that can bypass sandboxes and process isolation to successfully achieve full system compromise.
With this heightened demand, the past few years have seen a massive first wave of kernel vulnerability discovery in the graphics layer of the Windows kernel and the peripheral drivers of the Linux kernel. This first wave has proven successful even though the methods utilized tend to be the more rudimentary techniques of dumb mutational fuzzing or manual code review. This is a good indicator that it is time to invest in more advanced techniques that can be applied to kernel vulnerability research, such as evolutionary fuzzing guided by code coverage.
This lecture will discuss methods for applying evolutionary coverage-guided fuzzing to kernel system calls, IOCTLs, and other low-level interfaces. First, to understand what makes an effective guided kernel fuzzer, we will discuss the tools available for open source drivers and kernels, such as trinity and syzkaller, which have found hundreds of vulnerabilities in the Linux kernel.
Next we will look at using system emulators like QEMU for instrumenting kernel interfaces with code coverage to gain an understanding of the performance and limitations of this approach.
Finally, we will leverage our own custom driver to enable hardware branch tracing with Intel Processor Trace as a new method for evolutionary fuzzing against unmodified kernel binaries on Linux and Windows. The driver enabling this approach on Windows is authored by the presenter and available to the security community as open source.
This will be the first public lecture showing how to use highly performant modern hardware tracing engines to enable closed source kernel vulnerability research using coverage guided fuzzing. Detecting the compromised websites, gates, and dedicated hosts that make up the infrastructure used by Exploit Kits involves a variety of creative techniques. In this session, we will detail four approaches to uncovering these systems while explaining the underlying architecture of Exploit Kit networks.
We will disclose a vulnerability in the injected code placed on compromised websites and exploit that vulnerability to uncover deeper infrastructure. Finally, we'll introduce a novel approach to obtaining the malware sent via phishing campaigns which is often the same result of an Exploit Kit compromise.
The idea of a paperless office has been dreamed of for more than three decades. However, printers are still one of the most essential devices for daily work and for common Internet users. Instead of being removed, printers evolved from simple devices into complex networked computer systems, installed directly into company networks and carrying considerable confidential data in their print jobs. This makes them an attractive attack target.
During our research we conducted a large scale analysis of printer attacks and systematized our knowledge by providing a general methodology for security analyses of printers.
We used PRET to evaluate 20 printer models from different vendors and found all of them to be vulnerable to at least one of the tested attacks. These attacks ranged from simple DoS attacks to more skilled attacks extracting print jobs and system files. On top of our systematic analysis, we reveal novel insights that enable attacks from the Internet by using advanced cross-site printing techniques combined with printer CORS spoofing.
Finally, we show how to apply our attacks to systems beyond typical printers like Google Cloud Print or document processing websites. Ever want to talk to someone that runs a bug bounty program and get the real scoop on its impact to application security? Whether your company has a bounty program or is considering starting one, join this panel of bounty managers for real talk on signal vs noise, ROI, interacting with bounty hunters, and all the little things they wish they'd known before learning the hard way.
Panelists will share strategies for day to day operations, handling conflicts and unsolicited disclosure, triage strategies and scope setting, and chat about which vulnerability types are found most often and why they still end up in production code after over a decade of advances in security tooling and secure development practices.
Meet Chrysaor, one of the most sophisticated and elusive mobile spyware products. However, Google and Lookout hunted for their Android version from the end of to beginning of , and were able to expose it in April. This talk will recount how we pursued Chrysaor using a combination of on-device and cloud based security services.
In particular, we will detail the methodology and techniques that allowed us to detect this malware, which affected only dozens of devices, out of the billions of security reports we get from SafetyNet. We will also discuss how we used our installation graph engine to determine attribution. For years and years, network pen-testers have owned companies and networks with playbooks written in the 90's. With a good mix of footprinting, scripting and unexpected interdependence, even moderately skilled attackers have been able to reign supreme without ever needing a 0day.
How does this change as organizations slip more and more into the cloud? While we have seen point attacks on cloud vendors there hasn't been enough attention paid to the interdependence of these systems and we have seen precious little on pivoting through or defending these setups. This talk attempts to update those playbooks from the 90's for both red and blue teamers. Pairing that with the recent and not so recent leaks of government offensive capabilities abusing supply chains and using physical possession to persist on compromised systems, it is clear that firmware is the new black in security.
We present a threat model, discuss new mitigations that could have prevented the issues and offer a categorization of bug classes that will hopefully help focus investments in protecting systems and finding new vulnerabilities. Software-defined Networking (SDN) is a new networking paradigm which aims to increase the flexibility of current network deployments by separating the data plane from the control plane and by providing programmable interfaces to configure the network.
Since it results in more agile and easier network management, and therefore in cost savings, SDN is already deployed in live networks, i.e. Despite these benefits, SDN broadens the attack surface, as additional networking devices and protocols are deployed. Due to their critical role within the softwarized management of the network, these devices and protocols are high-ranking targets for potential attackers and thus require extensive testing and hardening.
In this work, we present FlowFuzz, a fuzzing framework for SDN-enabled software and hardware switches. In particular, we focus on the OpenFlow protocol, which is currently the de facto standard communication protocol between SDN-enabled switches and the central controlling instance. Whereas the framework utilizes the output of conventional tools such as AddressSanitizer for investigating software switches, it also evaluates data obtained from side channels, i.e. Furthermore, we use our framework implementation to perform a first evaluation of Open vSwitch and a total of four SDN-enabled hardware switches.
We conclude by presenting our findings and outline future extensions of the fuzzing framework. In this work we analyzed two recent trends. The first trend is the growing threat of firmware attacks which include recent disclosures of Vault7 Mac EFI implants. We will detail vulnerabilities and attacks we discovered recently in system firmware including UEFI, Mac EFI and Coreboot which could lead to stealth and persistent firmware implants. We have also developed multiple techniques that can be used to detect that something wrong is going on with the firmware using open source CHIPSEC framework.
The second trend is that modern operating systems have started adopting stronger software defenses based on virtualization technology. Windows 10 introduced Virtualization Based Security (VBS) to provide a hypervisor-based isolated execution environment for critical OS components and to protect sensitive data such as domain credentials.
Previously, we discovered multiple ways adversaries could leverage firmware in attacks against hypervisors. We also demonstrated the first proof-of-concept attack on Windows 10 VBS exposing domain credentials protected by Credential Guard technology.
We will apply this knowledge to analyze the security of modern hypervisor based OS defenses from the perspective of firmware and hardware attacks. We will detail firmware assisted attack vectors which can be used to compromise Windows 10 VBS. We will also describe changes done by platform vendors and Windows to improve mitigation against these attacks. In today's world of connected cars, security is of vital importance. The security of these cars is not only a technological issue, but also an issue of human safety.
In our research we focused on perhaps the most famous connected car model: This remote attack utilized a complex chain of vulnerabilities. Just 10 days after we submitted our research to Tesla, Tesla responded with an update using their OTA mechanism and introduced the code signing protection into Tesla cars. Our presentation will be in three parts: We will, for the first time, share the details of the whole attack chain on the Tesla, and then reveal the implementation of Tesla's OTA and Code Signing features.
Furthermore, we'll explore the new mitigations on Tesla and share our thoughts on them. Although Java deserialization attacks were known for years, the publication of the Apache Commons Collections Remote Code Execution (RCE from now on) gadget finally brought this forgotten vulnerability into the spotlight and motivated the community to start finding and fixing these issues.
One of the most suggested solutions for avoiding Java deserialization issues was to move away from Java Deserialization altogether and use safer formats such as JSON. In this talk, we will analyze the most popular JSON parsers in both. We will demonstrate that RCE is also possible in these libraries and present details about the ones that are vulnerable to RCE by default.
We will also discuss common configurations that make other libraries vulnerable. In addition to focusing on JSON format, we will generalize the attack techniques to other serialization formats. In particular, we will pay close attention to several serialization formats in. These formats have also been known to be vulnerable since but the lack of known RCE gadgets led some software vendors to not take this issue seriously. We hope this talk will change this. With the intention of bringing the due attention to this vulnerability class in.
NET, we will review the known vulnerable formats, present other formats which we found to be vulnerable, and conclude with presenting several gadgets from system libraries that may be used to achieve RCE in a stable way: Finally, we will provide recommendations on how to determine if your code is vulnerable, provide remediation advice, and discuss alternative approaches.
On April 16, , an army of bots stormed Wix servers, creating new accounts and publishing shady websites en masse. The attack was carried out by a malicious Chrome extension, installed on tens of thousands of devices, sending HTTP requests simultaneously.
This "Extension Bot" used the Wix website platform and Facebook's messaging service to distribute itself among users. Two months later, the same attackers struck again. This time they used infectious notifications popping up on Facebook and leading to a malicious Windows-runnable JSE file. Upon clicking, the file ran and installed a Chrome extension in the victim's browser. Then the extension used Facebook messaging once again to pass itself on to more victims.
Analyzing these attacks, we were amazed by the highly elusive nature of these bots, especially when it comes to bypassing web-based bot-detection systems.
This shouldn't be surprising, since legit browser extensions are supposed to send Facebook messages, create Wix websites, or in fact perform any action on behalf of the user. On the other hand, smuggling a malicious extension into the Google Web Store and distributing it among victims efficiently, as these attackers did, is, let's say, not a stroll in the park.
But don't worry, there are other options. Recently, several popular Chrome extensions were found to be vulnerable to XSS. Yep, the same old XSS every rookie finds in so many web applications. So browser extensions suffer from it too, and sadly, in their case it can be much deadlier than in regular websites. One notable example is the Adobe Acrobat Chrome extension, which was silently installed by Adobe on January 10 on a staggering 30 million devices.
In this talk, I will show how such a flaw leads to full and permanent control over the victim's browser, turning the extension into a zombie. Additionally, shedding more light on the attacks on Wix and Facebook described at the beginning, I will demonstrate how an attacker can use similar techniques to distribute her malicious payload efficiently to new victims through popular social platforms - creating the web's most powerful botnet ever. As processing power and deep learning techniques have improved, deep learning has become a powerful tool to detect and classify increasingly complex and obfuscated malware at scale.
A plethora of white papers exist touting impressive malware detection and false positive rates using machine learning - often deep learning. However, virtually all of these rates are only shown in the context of a single source of data the authors choose to train and test on.
Accuracy statistics are generally the result of training on a portion of some dataset (like VirusTotal data) and testing on a different portion of the same dataset. But model effectiveness, specifically detection rates in the extremely low false-positive-rate region, may vary significantly when used on new, different datasets - specifically, when used in the wild on actual consumer data.
In this presentation, I will present sensitivity results from the same deep learning model designed to detect malicious URLs, trained and tested across 3 different sources of URL data. After reviewing the results, we'll dive into what caused them by looking into: Deep learning uses a massive number of unseen complex features to predict results, which enables models to fit beautifully to datasets.
But it also means that if the training and testing data is even slightly biased with respect to the real-world test case data, some of those unseen complex features will end up damaging accuracy instead of bolstering it.
Even with great labels and a lot of data, if the data we use to train our deep learning models doesn't mimic the data it will eventually be tested on in the wild, our models are likely to miss out on a lot. Operators were unable to cope with the ambiguous signals the plant's HMI was sending, leading to one of the most serious nuclear accidents on US soil.
Bypassing security checks, someone stole approximately 70 fuel pellets of uranium oxide from a nuclear fuel facility. They were later found abandoned nearby. How this material ended up there is still a mystery. Are these scenarios possible now? Critical infrastructure such as nuclear power plants, seaports, borders, and even hospitals are equipped with radiation monitoring devices.
This equipment detects and prevents threats ranging from nuclear material smuggling to radiation contamination. The purpose of this talk is to provide a comprehensive description of the technical details and approach used to discover multiple vulnerabilities that affect widely deployed radiation monitoring devices, involving software and firmware reverse engineering, RF analysis, and hardware hacking.
Are nightmares of data breaches and targeted attacks keeping your CISO up at night? You know you should be hunting for these threats, but where do you start?
In this presentation, we will be showing attendees how to identify eMMC flash storage chips, how to reverse engineer the in-circuit pinouts, and how to dump or modify the data within. We will be showcasing the tips and tricks to properly reverse engineer hardware containing eMMC flash storage without bricking it, along with a clear explanation of the process from identification to programming. The presentation will then finish with a demonstration of the process along with a number of free SD-to-eMMC breakouts for attendees.
Serverless technology is getting increasingly ubiquitous in the enterprise and startup communities. As micro-services multiply and single-purpose services grow, how do you audit and defend serverless runtimes? The advantages of serverless runtimes are clear: there is a trade-off for that convenience, though - reduced transparency. In this talk, we will deep dive into both public data and information unearthed by our research to give you the full story on serverless, how it works, and attack chains in the serverless clouds Azure, AWS, and a few other sandboxes. Who will be the victor in the great sandbox showdown?
Information security is ever evolving, and Android's security posture is no different. Users and application developers have high expectations that their data will be kept safe, private, and secure, and it's the responsibility of the Android Security Team to enable this. To do this, Android has focused on four critical principles of information security: In this talk, we will discuss Android's attack surface reduction history, and how that fits into the broader Android security story. We will go into detail on the specific technical strategies used to achieve the attack surface reduction, and explore specific bugs which were made unreachable as a result of the hardening over the last several years. And we will examine the overall result of the hardening, and areas for improvement.
In February, we announced the first SHA-1 collision. This attack is the result of over two years of intense research. It took CPU years and GPU years of computation, which is still times faster than a brute-force attack. In this talk, we recount how we found the first SHA-1 collision. We delve into the challenges we faced, from developing a meaningful payload, to scaling the computation to that massive scale, to solving unexpected cryptanalytic challenges that occurred during this endeavor.
We discuss the aftermath of the release, including the positive changes it brought and its unforeseen consequences. For example, it was discovered that SVN is vulnerable to SHA-1 collision attacks only after the WebKit SVN repository was brought down by the commit of a unit test aimed at verifying that WebKit is immune to collision attacks. Building on the GitHub and Gmail examples, we explain how to use counter-cryptanalysis to mitigate the risk of a collision attack against software that has yet to move away from SHA-1. Finally, we look at the next generation of hash functions and what the future of hash security holds.
This presentation provides an introduction to the vulnerabilities of satellite navigation and timing systems and the ways in which these vulnerabilities have been exploited. First, the specific vulnerabilities of GPS-based systems are introduced: the main vulnerabilities of GPS are due to the very low signal strength of the satellite signals. The paper discusses the effect of RF interference on satellite navigation and timing systems and introduces some real examples of disruption caused by real interference events. Evidence is also produced to show that interference events are widespread. The spoofing of GPS position and timing is also introduced.
This presentation shows that spoofing can be carried out either at the application layer (the Pokemon GO game is presented as an example of this kind of hacking) or at the RF level, where it is also shown that there are real examples of this kind of attack. Real examples of exploitation of GPS vulnerabilities are presented. Evidence will also be presented to show that there are a significant number of exploitations of RF interference by several groups of attackers with various motives. It will be shown that the groups who are attempting to exploit navigation and timing system vulnerabilities are the same types who have exploited IT systems. Approaches to protect systems and devices against the described vulnerabilities are proposed - a protective risk assessment and test framework are presented as a method that can make significant improvements to existing systems.
We designed and built out a network that receives real-time data from purpose-built detectors. The detectors are located at several airports, military bases, ranges, and along highways near tollbooths. The technology has been demonstrated to identify, track and report small-time offenders, track down complex GPS network issues and assist in investigations where military assets have been targeted. We will demo the detection network, show off some of the historical data and bring sensors to Black Hat for everyone to see and play with. We will also talk through some of the cases where we tracked down sources of intentional jamming.
Many companies consider phishing inevitable: But does phishing training actually work?
In this talk we'll cover the psychology of phishing, then walk through a series of real-world attacks conducted against a Bay Area tech company - including conversion rates for each attack, and ways in which existing protections were bypassed. We'll cover recent technological advancements in this area, then combine these with our case studies to provide evidence-based techniques on how to prevent, not just mitigate, credential phishing.
The cyber attack on Ukraine's power grid on December 17th was the second time in history a power grid had been disrupted due to a digital attack. The first was Ukraine, December 23rd. But unlike that attack, few details have been made public about the threat that faced the power grid until now. They passed the sample ahead of time to Dragos, Inc.: ICS-tailored malware capable of disrupting grid operations at scale in environments independent of system choices.
As enterprises rush to adopt Office for increased business agility and cost reduction, too few are taking time to truly evaluate the risk associated with this decision. This briefing will attempt to shine a light on the potential hazards of Microsoft's SaaS offerings while also demonstrating a practical example of what a malicious actor can do when Office is allowed into the enterprise.
Vulnerabilities have never been so marketable. There are many ways for security researchers to monetize their efforts: MedSec introduced us to a new way to monetize vulnerabilities by influencing market makers. What does the future hold for this approach? Are there other ways to fix the dysfunctional market around product security? In a fireside chat, Chris Wysopal will ask Justine Bone about the MedSec and Muddy Waters collaboration and how we can learn from this as we look to the future.
Every modern computer system based on Intel architecture has the Intel Management Engine (ME) - a built-in subsystem with a wide array of powerful capabilities such as full access to operating memory, out-of-band access to a network interface, running independently of the CPU even when it is in a shutdown state, etc. On the one hand, these capabilities allow Intel to implement many features and technologies based on Intel ME. On the other hand, it makes Intel ME a tempting target for an attacker, especially if an attack can be conducted remotely. So… during this talk we will discuss methods of remote pwning of almost every Intel-based system manufactured since or later.
In this paper, we argue that SGX Remote Attestation provided by Intel is not sufficient to guarantee confidentiality and integrity for running unmodified applications in the cloud. In particular, we demonstrate cases where: A dishonest service provider that instantiates both a valid enclave running on real hardware and the same enclave running in a software simulator in parallel is always able to respond correctly to Remote Attestation queries, all the while running the enclave inside a software simulator with full access to the enclave's internal state. A dishonest service provider rewinds the "enclave's tape" and replays computation even though the data is encrypted with platform-specific seal keys; this is a form of replay attack. A dishonest service provider runs multiple instances of the same enclave in parallel and launches chosen-ciphertext attacks on the protocol.
This talk will also discuss the details of the Remote Attestation mechanism: What keys are embedded inside each SGX hardware, and what's the protocol for providing proof of knowledge? Are these protocols zero-knowledge, as claimed by Intel? How EPID's zero-knowledge proof of knowledge works, what anonymity guarantees it provides, and whether it can be replaced with other simpler schemes where platform anonymity is not a concern.
We discovered a critical cryptographic implementation flaw which would have allowed sophisticated attackers with privileged access to iCloud communications to man-in-the-middle iCloud Keychain Sync and gain plaintext access to iCloud Keychain secrets.
In recent years, the emerging Internet-of-Things (IoT) has led to rising concerns about the security of networked embedded devices. There is a strong need to develop suitable and cost-efficient methods to find vulnerabilities in IoT devices - in order to address them before attackers take advantage of them. At previous Black Hat conferences, conventional honeypot technology has been discussed multiple times. In this work, we focus on the adaptation of honeypots for improving the security of IoT, and argue why we need a major innovation to build honeypots for IoT devices. Due to the heterogeneity of IoT devices, manually crafting low-interaction honeypots is not affordable; on the other hand, we cannot purchase all of the physical IoT devices to build high-interaction honeypots. This dilemma forced us to seek an innovative way to build honeypots for IoT devices. We propose an automatic way to learn the behavioral knowledge of IoT devices and build "intelligent-interaction" honeypots. We also leverage multiple machine learning techniques to improve their quality and quantity.
The abundance of memory corruption and disclosure vulnerabilities in kernel code necessitates the deployment of hardening techniques to prevent privilege escalation attacks. As stricter memory isolation mechanisms between the kernel and user space, like Intel's SMEP, become commonplace, attackers increasingly rely on code reuse techniques to exploit kernel vulnerabilities. Contrary to similar attacks in more restrictive settings, such as web browsers, in kernel exploitation non-privileged local adversaries have great flexibility in abusing memory disclosure vulnerabilities to dynamically discover, or infer, the location of certain code snippets and construct code-reuse payloads. We demonstrate how to achieve this without employing a hypervisor or a super-privileged component, but rather with a self-hardening approach implemented mostly as a set of GCC plugins. We discuss multiple ways to prevent return address leaks that might allow attackers to infer the internal code layout, using encryption and deception techniques.
We need to focus on machine learning, artificial intelligence, math models, lions, tigers and bears, Oh My!! I don't know about you, but I was tired of listening to the hype and the over-use of these terms that really made no sense. One thing is true: signatures are dead. Today's malware is created with obfuscation and deception, and our opponents do not play fair. Do you blame them? They want to get in. Who needs to rob a bank at gunpoint anymore when the security door is left open and traps are easy to bypass? So what's the answer? Over the past 5 months, we have invested significant time building a business case for an endpoint protection system - understanding the problem and creating testing scenarios to evaluate 5 solutions in the market. Over 30, pieces of malware were put to the test from our internal private collection, as well as known and unknown samples freely available. With all of the marketing hype, brochureware and buzzwords, it's hard to know what's the real deal. As we talk to colleagues from other companies, one thing is clear: many still struggle with good testing methodologies, what malware to test and how to test their endpoint security.
We will discuss key considerations used in our decision-making process. Testing malware for our company was important, but it was not our only testing criterion. We looked at the ease of installation of the agent, use of the UI, SaaS, on-prem, hybrid, reporting, performance of the agent using different system resources, how much the agent relied on cloud intelligence compared to on-box performance, PowerShell scenarios, and a variety of other factors. Companies additionally need to take into consideration the cost of any potential new infrastructure, cost per seat, professional services, one-off costs, 1-, 2- and 3-year terms and other factors. Ultimately, we want to extend our resources to help others in the industry and discuss key differences between the solutions that were evaluated.
Memory corruption bugs in SQLite are usually not considered security issues, since they are normally unlikely to be exploitable. In this talk, we will study several remotely exploitable memory corruption cases to show the dangerous attack surface in SQLite. Although the W3C working group has ceased working on the specification, many modern browsers including Google Chrome, Apple Safari and Opera have had an implementation based on SQLite as the backend for years. We will go through several previous issues of SQLite and discuss how they affect the browsers and how they have been fixed. We will demonstrate our exploit against multiple browser targets from multiple platforms to show the impact of a single SQLite vulnerability. Memory corruption bugs in SQLite may also affect security features of these programming languages.
Autonomic systems are smart systems which do not need any human management or intervention.
Cisco is one of the first companies to deploy the technology, in which the routers are just "Plug and Play" with no need for configuration. All that is needed is 5 commands to build a fully automated network. This is the bright side of the technology. On the other hand, the configuration is hidden and the interfaces are inaccessible. The protocol is proprietary and there is no mechanism to know what is running within your network. In this talk, we will have a quick overview of Cisco's Autonomic Network Architecture, then I will reverse-engineer the proprietary protocol through its multiple phases. Finally, multiple vulnerabilities will be presented, one of which allows crashing systems remotely by knowing their IPv6 address.
The next generation 5G network may address users' privacy issues related to these IMSI catcher attack techniques. However, in this talk we introduce new attack vectors that enable tracking and activity monitoring of mobile users. In particular, we uncover a new flaw in the widely deployed cryptographic protocol in 3G and 4G cellular networks. We discuss different methods to exploit this flaw using a low-cost setup. Further, we present several attacks to demonstrate their impact on end-users carrying 3G and 4G devices. Lastly, we discuss countermeasures to address these privacy issues.
What challenges did the government face piecing together the international trail of electronic evidence that he left? How was Seleznev located and ultimately arrested? This presentation will begin with a review of the investigation that will include a summary of the electronic evidence that was collected and the methods used to collect that evidence. The team that convicted Seleznev will show how that evidence of user attribution was used to finger Seleznev as the hacker and infamous credit card broker behind the online nicks nCuX, Track2, Bulba and 2Pac. The presentation will further discuss efforts to locate Seleznev, a Russian national, and apprehend him while he vacationed in the Maldives. Finally, the presentation will cover the August federal jury trial with a focus on computer forensic issues, including how prosecutors used Microsoft Windows artifacts to successfully combat Seleznev's trial defense.
For a comprehensive comparison of bitcoin mining hardware. Best Bitcoin Mining Hardware: Two major factors go into determining the best bitcoin mining hardware: Bitcoin mining is difficult to do profitably, but if you try then this Bitcoin miner is probably a good shot.
They have only minimal requirements for other normal computer applications. As more Bitcoin mining hardware is deployed to secure the Bitcoin network, the Bitcoin difficulty rises.
Furthermore, Bitcoin ASIC technology keeps getting faster, more efficient and more productive, so it keeps pushing the limits of what makes the best Bitcoin mining hardware. Being listed in this section is NOT an endorsement of these services. There have been a tremendous number of Bitcoin cloud mining scams. Genesis Mining is the largest Bitcoin and scrypt cloud mining provider.
Genesis Mining offers three Bitcoin cloud mining plans that are reasonably priced. Zcash mining contracts are also available.