Ehacking Tutorial

White House computer network 'hacked' Russia involved



A White House computer network has been breached by hackers, it has been reported.

The unclassified Executive Office of the President network was attacked, according to the Washington Post.

US authorities are reported to be investigating the breach, which was reported to officials by an ally of the US, sources said.
White House officials believe the attack was state-sponsored but are not saying what - if any - data was taken.

So who is behind the White House breach? The government is keeping quiet on that front and is also refusing to comment on how much data was stolen.
However, the Washington Post indicates that the Russian government may be behind the White House breach, a theory based on recent cyberespionage campaigns carried out by Russian hackers, which are believed to be tied to the Russian government. The sources seem to agree, saying that the White House breach is similar to a "state-sponsored campaign."

The Machines That Betrayed Their Masters

Your machine (mobile phone, bluetooth device, router etc etc) may betrayed you and can be used to detect your position or even invade your privacy. They are watching you, stay alert.

The devices we carry betray us to those who want to invade our privacy by emitting uniquely identifiable signals. The most common example is the wireless signals emitted by your mobile phone (even whilst tucked safely into your pocket). Such signals may be used to track you, or be used toward more malicious intent.

This talk will discuss the process the author has gone through to build a resilient, modular, reliable, distributed, tracking framework - originally spawned as a PoC tool in 2012 by the name 'Snoopy'. The dog is back, and with more bite - looking beyond just Wi-Fi. Also, he's now airborne via a quadcopter.

Bluetooth is Watching: Detect the Surveillance Systems

Bluetooth is watching; as The Guardian reports:

Tens of thousands of Britons are being covertly tracked without their consent in a technology experiment which has installed scanners at secret locations in offices, campuses, streets and pubs to pinpoint people's whereabouts.

The scanners, the first 10 of which were installed in Bath three years ago, are capturing Bluetooth radio signals transmitted from devices such as mobile phones, laptops and digital cameras, and using the data to follow unwitting targets without their permission.


Source Code Analyzer for PHP Vulnerabilities - RIPS

The World Wide Web grew rapidly during the last decades and is used by millions of people every day for online shopping, banking, networking, and other activities. Many of these websites are developed with PHP, the most popular scripting language on the Web. However, PHP code is prone to different types of critical security vulnerabilities that can lead to data leakage, server compromise, or attacks against an application’s users. This problem can be addressed by analyzing the source code of the application for security vulnerabilities before the application is deployed on a web server. Novel approach is presented for the precise static analysis of PHP code to detect security vulnerabilities in web applications. As dismissed by previous work in this area, a comprehensive configuration and simulation of over 900 PHP built-in features allows us to precisely model the highly dynamic PHP language. By performing an intra- and inter-procedural data flow analysis and by creating block and function summaries, we are able to efficiently perform a backward-directed taint analysis for 20 different types of vulnerabilities. Furthermore, string analysis enables us to validate sanitization in a context-sensitive manner. Our method is the first to perform fine-grained analysis of the interaction between different types of sanitization, encoding, sources, sinks, markup contexts, and PHP settings. We implemented a prototype of our approach in a tool called RIPS. Our evaluation shows that RIPS is capable of finding severe vulnerabilities in popular real world applications: we reported 73 previously unknown vulnerabilities in five well-known PHP applications such as phpBB, osCommerce, and the conference management software HotCRP.

What is RIPS

RIPS is a tool written in PHP to find vulnerabilities in PHP applications using static code analysis. By tokenizing and parsing all source code files RIPS is able to transform PHP source code into a program model and to detect sensitive sinks (potentially vulnerable functions) that can be tainted by userinput (influenced by a malicious user) during the program flow. Besides the structured output of found vulnerabilities RIPS also offers an integrated code audit framework for further manual analysis. 

Dropping Docs on Darknets: How People Got Caught

Uploaded document or any other private file on Internet by using TOR or any other proxy, you just got relaxed but do you ever think that you will be getting caught? No; then you must be thinking that way because people trying to de-anonymize you.

In order to get the insight of your private information, you need to understand the overall functionality of darknet and TOR; Adrian Crenshaw has talked about it at Defcon 22.



iSniff GPS WiFi Sniffing Tool

iSniff GPS passively sniffs for SSID probes, ARPs and MDNS (Bonjour) packets broadcast by nearby iPhones, iPads and other wireless devices. The aim is to collect data which can be used to identify each device and determine previous geographical locations, based solely on information each device discloses about previously joined WiFi networks.

iOS devices transmit ARPs which sometimes contain MAC addresses (BSSIDs) of previously joined WiFi networks. iSniff GPS captures these ARPs and submits MAC addresses to Apple's WiFi location service (masquerading as an iOS device) to obtain GPS coordinates for a given BSSID. If only SSID probes have been captured for a particular device, iSniff GPS can query network names on wigle.net and visualise possible locations.

By geo-locating multiple SSIDs and WiFi router MAC addresses, it is possible to determine where a device (and by implication its owner) is likely to have been.

Below: Visualisation of WiFi router locations in Melbourne, AU returned by Apple Location Services