Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Upcoming SlideShare
What to Upload to SlideShare
Next
Download to read offline and view in fullscreen.

Share

DEFCON: Burning the Lookout

Download to read offline

Talk from the DEFCON 26 Packet Hacking Village (PHV) detailing the use of the lawful intercept system Vigia in Brazil.

Related Books

Free with a 30 day trial from Scribd

See all

Related Audiobooks

Free with a 30 day trial from Scribd

See all
  • Be the first to like this

DEFCON: Burning the Lookout

  1. 1. Burning the Lookout
  2. 2. ● Senior Security Researcher @ CrowdStrike ● Project Director / Intern @ MalShare ● Project Director @ Project 25499 ● Twitter: @SilasCutler ● Email: silascutler@riseup.net > whoami
  3. 3. Crash course in Lawful Intercept
  4. 4. ● Process, Tools, Ability for Law Enforcement to collect as part of investigations (wiretaps) ○ CALEA (Communications Assistance for Law Enforcement Act) ○ ESTI (European Telecommunications Standards Institute) ● Standard deployment ○ Intercept Access Point (IAP) ○ Mediation Device ○ Lawful Intercept Administration (LIA) Crash course on Lawful Intercept Cell Tower/Modem Provider Network Internet
  5. 5. Vigia
  6. 6. ● Pastebin 2015 ● Poster claimed to have hacked Brazilian Army after they did a CTF ● Post included: ○ 7000 Credentials ○ 3 Websites Backstory
  7. 7. ● Lawful Intercept Suite developed by SunTech Brazil ● (Mediation Device) ○ View intercepted data from service providers ○ Add new surveillance targets ● Where’s it used? Vigia
  8. 8. Hunting for Vigia ● What are distinct artifacts from these systems? ○ SSL ○ DNS ○ Page Content ● Censys / Shodan / Scans.io / Passive DNS for static patterns ○ /vigia/ or /suntech/ present in SSL certificates ○ vigia.<provider domain>
  9. 9. Why it matters
  10. 10. Why it matters ● Potential for unauthorized eavesdropping ● Previous targeting by foreign and domestic attackers ● Likely other similar systems in the wild
  11. 11. 211,046,525
  12. 12. Questions
  13. 13. Thank you // Fin

Talk from the DEFCON 26 Packet Hacking Village (PHV) detailing the use of the lawful intercept system Vigia in Brazil.

Views

Total views

701

On Slideshare

0

From embeds

0

Number of embeds

27

Actions

Downloads

11

Shares

0

Comments

0

Likes

0

×