This document describes how to build surveillance capabilities by exploiting vulnerabilities in internet-connected devices like routers and modems. It discusses identifying devices, injecting code through exploits or firmware modifications, intercepting data, cloning SIM cards for cellular attacks, infecting device hosts, and creating advanced persistent threats between subscribers. The goal is to surreptitiously monitor people without their consent by turning everyday devices into spying tools.
Timur Yunusov, "Specifics of conducting socio-technical penetration testing" - Mail.ru Group
The ninth Defcon Moscow meetup, devoted to information security, was held at the Mail.Ru Group office.
Read more about the meetup on our blog: http://team.mail.ru/.
Monitoring the internet space, Darya Rozhdestvenskaya - Alex Zagoumenov
One of the meetups at the Tsiferblat in Nizhny Novgorod. This time Darya Rozhdestvenskaya talked about what a company needs to and should keep track of online in order to stay competitive.
ЗАЩИТОРГ: DLP for business: luxury or necessity? - BDA
Nikolay Sorokin, head of the SearchInform office for the Siberian Federal District
"DLP for business: luxury or necessity?"
Corporate information, as property, is subject to protection. At the same time it is processed by employees, travels over various channels, and is stored on computers and on the network. Each of these aspects is a threat to the safety of commercially valuable data inside the company.
- Man-in-the-middle (MiTM) attacks are fundamental communication attacks that can be implemented in various conditions and technologies.
- As communications technologies have advanced from dial-up to 4G/5G, security has evolved slowly, creating opportunities for MiTM attacks at new layers.
- There are many ways to conduct MiTM attacks including via Ethernet, WiFi, VPNs, and by compromising routers to intercept traffic on the local network or WAN. Practical experience with tools is important for learning different MiTM techniques.
Defcon Moscow #0x0A - Mikhail Firstov "Hacking routers as Web Hacker"Defcon Moscow
This document discusses hacking routers by exploiting vulnerabilities in their web interfaces. It begins by introducing the author and their background in security research. Several common vulnerabilities are then outlined, including default credentials, authentication bypass, XSS, CSRF and command injection issues. The document provides examples of exploiting these flaws in various router models. A methodology is proposed for analyzing router firmware to find and exploit vulnerabilities, potentially achieving remote code execution. It emphasizes chaining multiple issues together for increased access. Finally, the document suggests that support software, internet service providers, and router developers themselves can also be targeted.
This document discusses hardware vulnerabilities in telecommunications devices. It begins by introducing the author and their background in hacking telecommunications hardware since 2001. It then lists common device types like modems, routers, and switches that are targeted. Common vulnerabilities are outlined such as default credentials, backdoors, and injection attacks. Statistics on vulnerabilities found in popular vendor devices are provided. Specific hacking techniques for 3G/4G modems and routers are then described, along with warnings about using powers responsibly. The document proposes a hypothetical scenario for "robbing a train" using telecom device hacking.
Defcon Moscow #9 - Ivan Novikov "ElasticSearch is secure?"Defcon Moscow
Elasticsearch is a distributed RESTful search engine that is commonly used but has had security vulnerabilities in the past related to remote code execution and path traversal. The document examines potential injection vulnerabilities in how various Elasticsearch client wrappers in PHP handle user-supplied input, finding that the original PHP client properly URL-encodes dots in paths but other clients may be vulnerable if they do not sanitize input or properly construct JSON requests. It recommends input validation and use of client libraries' query parameterization features to help prevent injection attacks against Elasticsearch deployments.
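The two wrapper flaws the summary above points at, a REST path assembled from unencoded user input and a query body assembled by string formatting, each beside a hardened version. This is an added example written for this page; it is not code from the talk or from any Elasticsearch client library. It assumes a node at http://localhost:9200/ (hypothetical, never contacted) and uses constructed attacker inputs.

```python
"""Added example: injection in hand-rolled Elasticsearch client wrappers.
Assumes a node at http://localhost:9200/ (hypothetical); nothing is sent."""
import json
from urllib.parse import urljoin

ES_BASE = "http://localhost:9200/"  # assumed endpoint, never contacted here

# --- 1. REST path built by string concatenation ----------------------------

def naive_doc_url(index: str, doc_id: str) -> str:
    """Vulnerable: user input goes straight into the path. urljoin applies
    RFC 3986 dot-segment removal, so '..' in doc_id walks out of
    /{index}/_doc/ and the request lands on a different API endpoint."""
    return urljoin(ES_BASE, f"{index}/_doc/{doc_id}")


def encode_segment(seg: str) -> str:
    """Percent-encode one path segment. Unlike urllib.parse.quote this also
    encodes '.', so the segment can never become '.' or '..' (the behaviour
    the summary credits the original PHP client with)."""
    out = []
    for b in seg.encode("utf-8"):
        c = chr(b)
        if (c.isascii() and c.isalnum()) or c in "-_~":
            out.append(c)
        else:
            out.append("%%%02X" % b)
    return "".join(out)


_INDEX_FORBIDDEN = set('\\/*?"<>| ,#:')

def is_valid_index_name(name: str) -> bool:
    """Elasticsearch index-name rules: lowercase, no forbidden characters,
    must not start with '-', '_' or '+', must not be '.' or '..', <= 255 bytes."""
    if not name or name in (".", "..") or len(name.encode("utf-8")) > 255:
        return False
    if name[0] in "-_+" or name != name.lower():
        return False
    return not any(c in _INDEX_FORBIDDEN for c in name)


def safe_doc_url(index: str, doc_id: str) -> str:
    """Hardened: reject bad index names, percent-encode every segment."""
    if not is_valid_index_name(index):
        raise ValueError(f"invalid index name: {index!r}")
    return urljoin(ES_BASE, f"{encode_segment(index)}/_doc/{encode_segment(doc_id)}")


# --- 2. Query body built by string formatting ------------------------------

QUERY_TEMPLATE = '{"query": {"match": {"user": "%s"}}}'

def naive_query_text(user: str) -> str:
    """Vulnerable: a double quote in `user` closes the string literal and the
    rest of the input becomes additional top-level keys of the request."""
    return QUERY_TEMPLATE % user


def safe_query_text(user: str) -> str:
    """Hardened: build the request as data; the serializer escapes quotes."""
    return json.dumps({"query": {"match": {"user": user}}})


def server_parse(body: str) -> dict:
    """What the server does with the body: parse it as JSON."""
    return json.loads(body)


if __name__ == "__main__":
    # constructed attacker input for the path case
    evil_id = "../../_cluster/settings"
    print(naive_doc_url("myindex", evil_id))   # escapes to /_cluster/settings
    print(safe_doc_url("myindex", evil_id))    # stays under /myindex/_doc/
    # constructed attacker input for the JSON case
    evil_user = 'alice"}}, "size": 0, "query2": {"match": {"user": "x'
    print(sorted(server_parse(naive_query_text(evil_user))))  # extra keys
    print(sorted(server_parse(safe_query_text(evil_user))))   # only 'query'
```

Both hardened variants follow the recommendation in the summary: validate the input against the rules the server actually enforces, and let the library serialize the request rather than pasting strings into a URL or a JSON template.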
Sergey Vishnyakov is the coordinator of Defcon Moscow #9, which is supported by Mail.Ru Group, Xakep Magazine, SecurityLab, and NewProject1. Additional community supporters include Defcon Russia, Justin Bieber's Fan Club, АНТИЧАТ, r0 Crew, and RDot. People are encouraged to stay tuned for more information about Defcon Moscow #9 by following the event's website, social media, and contacting the organizers by email.
This document provides recommendations for strengthening information security by addressing common issues found in internal networks. It identifies weak password policies, default accounts, unnecessary local privileges, vulnerabilities in the Windows architecture, misconfigured WPAD, antivirus software issues, lack of network segmentation, and no patch management as frequent problems. The document recommends implementing strong password policies, disabling unused accounts, restricting privileges, following the principle of least privilege, disabling WPAD if unused, configuring antivirus self-defense, implementing network segmentation with whitelisting, and establishing patch management.
Oleg Kupreev - 802.11 tricks and threatsDefcon Moscow
This document summarizes various topics related to hacking 802.11 wireless networks, including:
1. Factors that can affect hacking like weather, time of day, and neighboring networks.
2. Different antenna types useful for hacking like omnidirectional, Yagi, panel and their radiation patterns.
3. Recommended hardware and software tools for tasks like capturing handshakes, deauthentication attacks, and setting up rogue access points.
4. Details on wireless frequencies and channel plans used in different regions.
5. Techniques for hacking protected networks like WPA2 and discussions of tools like KARMA and MANA for rogue access points.
5. What is the difference:
• information about employees (full name, position, email)
• information about the company (structure, news, mail, insider information, document templates)
• the time needed to collect this data
7. • simulating a threat with the aim of covering 100% of employees
• information about the antivirus software in use
• whitelisting (antispam and the like)
• no internet access required
• the results are completely different