Events

Troopers Netmon

Hi everybody,

Christopher already talked about our WiFi network during the IPv6 Security Summit and mentioned our monitoring system (which we like to call “netmon”). As quite a few people were interested in the detailed setup and configuration, we would like to share the details with you. This year we used a widely known frontend called Grafana, with InfluxDB and collectd as backend components. During Troopers the monitoring system was publicly reachable over IPv6 and provided statistics about uplink bandwidth, IP protocol distribution, clients and wireless bands.


Generic RAID Reassembly using Block-Level Entropy

DFRWS EU 2016 Talk Forensic Raid Recovery

We just presented our paper “Generic RAID Reassembly using Block-Level Entropy” at the DFRWS EU 2016 digital forensics conference (http://www.dfrws.org/). The article is about a new approach that we developed for forensic RAID recovery. Our technique calculates block-wise entropy across the disks and uses generic heuristics on it to detect all the relevant RAID parameters, such as stripe size, stripe map, disk order, and RAID type, that are needed to reassemble the RAID and make the data accessible again for forensic investigations (or just for data recovery).

We developed an open source implementation of our approach that is freely available at https://www1.cs.fau.de/content/forensic-raid-recovery/. The tool is able to recover RAID 0, RAID 1 and RAID 5 volumes from the single disks or disk images.
It is also able to recover a missing or failed disk in case of RAID 5 systems from the RAID redundancy information.


IPv6 Security Summit – Track 2

The Troopers experience will never be the same without the “IPv6 summit”. It is a one-of-a-kind two-day special event where different security experts gather to discuss current IPv6 challenges. It addresses topics ranging from a broad introduction to IPv6 to how secure the protocol is and what the latest standards are.

The summit is divided into 2 different tracks that run simultaneously. On the first day of the second track, Christopher Werny and Rafael Schaefer held the first three sessions.


Attacking Next-Generation Firewalls

In his talk, Felix Wilhelm presented various ways to attack his new target: the PA-500, which is produced by Palo Alto Networks.

He discovered vulnerabilities in 3 different exposed aspects of the device. The first vulnerability occurred in an unauthenticated API of the management website, which could only be accessed from within the admin network. This vulnerability was a typical off-by-one command injection, which could be abused by reaching out to the API with a special client=wget request.


The Joy of Sandbox Mitigations

This year at TROOPERS16 in Heidelberg we welcomed James Forshaw for his talk about “The Joy of Sandbox Mitigations”.

He is a security researcher in Google’s Project Zero. He has been involved with computer hardware and software security for over 10 years, looking at a range of different platforms and applications. With a great interest in logical vulnerabilities, he has numerous disclosures in a wide range of products from web browsers to virtual machine breakouts, as well as being a Pwn2Own and Microsoft Mitigation Bypass bounty winner. He has spoken at a number of security conferences including Black Hat USA, CanSecWest, Bluehat, HITB, and Infiltrate.


Security Evaluation of Dual-Stack Systems [Troopers 2016 recap] (Part 1)

Dear Readers of Insinuator,

tl;dr: This blog post presents a measurement study of the current security state with regard to open ports in a direct comparison of IPv4 and IPv6. The study analyses almost 58,000 dual-stacked domains in order to find discrepancies in applied security policies. We further discuss the potential reasons and, more importantly, the implications of the identified differences.

For those of you who couldn’t participate in the Troopers Conference 2016 in Heidelberg or watch my talk at the IPv6 Security Summit, I want to recap some of the most important parts of my research in this blog post.


SDR and non-SDR tools for reverse engineering wireless systems

Hey there!
The God of frequencies, Michael Ossmann, visited us again this year at TROOPERS16 and showed us how to break another device using a specific setup.

Last time he introduced the HackRF One to us (read here: https://www.insinuator.net/2014/08/hackrf-one-the-story-continues/), but this post is a short summary of his talk about “Rapid Radio Reversing”. He is a wireless security researcher who makes hardware for hackers. Best known for the HackRF, Ubertooth, and Daisho projects, he founded Great Scott Gadgets in an effort to put exciting, new tools into the hands of innovative people.
