Kevin Fu is an Associate Professor at the University of Michigan where he directs the Archimedes Center for Medical Device Security and cofounded Virta Labs. At Troopers 16 he held a talk in the field of his research: medical device security. Continue reading “Medical Device Security: Hack or Hype”
Continue readingMonth: March 2016
Troopers 16: Wireshark in IP version 6
Wireshark in IP version 6 workshop was a part of IPv6 summit sessions of Troopers 16. It was held by Jeffery Carrell on the second day of IPv6 summit on Tuesday, the 15th of March. The workshop was generally divided into two sections: a short introduction to IPv6 and analyzing some IPv6 packets on Wireshark.
Continue reading “Troopers 16: Wireshark in IP version 6”
Continue readingIPv6 Security Summit – Track 2
The Troopers experience will never be the same without the “IPv6 summit”. It is one of kind of two-day special event where different security experts gather to discuss IPv6 current challenges. It addresses different topics ranging from a broad introduction of the IPv6 to how secure the protocol is and what the latest standards are.
The summit is divided into 2 different tracks that run simultaneously. For the first day on the second track, Christopher Werny and Rafael Schaefer have carried out the first three sessions. Continue reading “IPv6 Security Summit – Track 2”
Continue readingTroopers 16 USB Condom
At times with many many digitally transmittable diseases, protection might be more important than ever. When connecting your smartphone to a rogue charger, or a foreign smartphone to your own laptop, you never now what will happen. You never know what data crosses the lines. But there is help: A USB condom!
Continue reading “Troopers 16 USB Condom”
Continue readingAttacking Next-Generation Firewalls
Felix Wilhelm presented in his talk various ways to attack his new target – The PA-500 which is produced by Palo Alto Networks.
He discovered vulnerabilities in 3 different exposed aspects of the device. The first vulnerability occurred inside of an unauthenticated API from the Management-Website which could only be accessed within the Admin Network. This vulnerability was a typical off-by-one Command Injection, which could be abused by reaching out to the API with a special client=wget Request.
Continue reading “Attacking Next-Generation Firewalls”
Continue readingThe Joy of Sandbox Mitigations
This year at TROOPERS16 in Heidelberg we welcomed James Forshaw for his talk about “The Joy of Sandbox Mitigations“.
He is a security researcher in Google’s Project Zero. He has been involved with computer hardware and software security for over 10 years looking at a range of different platforms and applications. With a great interest in logical vulnerabilities he has numerous disclosures in a wide range of products from web browsers to virtual machine breakouts as well as being a Pwn2Own and Microsoft Mitigation Bypass bounty winner. He has spoken at a number of security conferences including Black Hat USA, CanSecWest, Bluehat, HITB, and Infiltrate. Continue reading “The Joy of Sandbox Mitigations”
Continue readingSecurity Evaluation of Dual-Stack Systems [Troopers 2016 recap] (Part 1)
Dear Readers of Insinuator,
tldr;This blogpost presents a measurement study of a current security state regarding to open ports on a direct comparison of IPv4 and IPv6. The study analyses almost 58,000 dual-stacked domains in order to find discrepancies in applied security policies. We further discuss the potential reasons and, more importantly, the implications of the identified differences. \tldr;
For those of you who couldn’t participate at Troopers Conference 2016 in Heidelberg or watch my talk at the IPv6 Security Summit, I want to recap some of the most important parts of my research in this blogpost.
Continue reading “Security Evaluation of Dual-Stack Systems [Troopers 2016 recap] (Part 1)”
Continue readingSDR and non-SDR tools for reverse engineering wireless systems
Hey there!
The God of frequencies Michael Ossmann visited us again this year at the TROOPERS16 and showed us how to break another device using a specific setup.
Last time he introduced the HackRF One to us (Read here:https://www.insinuator.net/2014/08/hackrf-one-the-story-continues/), but this post is a short summary of his talk about “Rapid Radio Reversing”, he is a wireless security researcher, who makes hardware for hackers. Best known for the HackRF, Ubertooth, and Daisho projects, he founded Great Scott Gadgets in an effort to put exciting, new tools into the hands of innovative people.
Continue reading “SDR and non-SDR tools for reverse engineering wireless systems”
Continue readingReflections on the IPv6-only WiFi Experience during Troopers
Hello,
Troopers is (unfortunately) over. It was a blast (but I may be biased ;-))! After things have settled, I want to take the opportunity to reflect my thoughts and impressions on the IPv6-only WiFi we had deployed during the conference. To make sure that everybody is on the same page let’s start at the beginning.
In the last couple of years we had provided Dual-Stack connectivity on the main “Troopers” SSID but also had an additional IPv6-only SSID. This year we decided to spice things up and made the “Troopers“ SSID IPv6-only (with NAT64) while providing Dual-Stack connectivity on the “Legacy“ SSID. We wanted to get a feeling how many clients and applications can work properly in an IPv6-only environment. We intentionally didn’t announce it vastly beforehand, hoping that attendees would just connect to the main SSID without noticing anything. We were aware that some applications might expose issues but, as I said , we wanted to get a feeling to which degree problems actually occured. Continue reading “Reflections on the IPv6-only WiFi Experience during Troopers”
Continue readingClassic Web Vulns Found in Google Search Appliance 7.4
I’ve recently found some sort of classic web vulnerabilities in the Google Search Appliance (GSA) and as they are now fixed [0][1][2], I’d like to share them with you.
First of all, some infrastructure details about the GSA itself. The GSA is used by companies to apply the Google search algorithms to their internal documents without publishing them to cloud providers. To accomplish this task, the GSA provides multiple interfaces including a search interface, an administrative interface and multiple interfaces to index the organization’s data. Continue reading “Classic Web Vulns Found in Google Search Appliance 7.4”
Continue reading