Java Core | Understanding the Disruptor: a Beginner's Guide to Hardcore Concu...JAX London
2011-11-02 | 05:45 PM - 06:35 PM | Victoria
The Disruptor is new open-source concurrency framework, designed as a high performance mechanism for inter-thread messaging. It was developed at LMAX as part of our efforts to build the world's fastest financial exchange. Using the Disruptor as an example, this talk will explain of some of the more detailed and less understood areas of concurrency, such as memory barriers and cache coherency. These concepts are often regarded as scary complex magic only accessible by wizards like Doug Lea and Cliff Click. Our talk will try and demystify them and show that concurrency can be understood by us mere mortal programmers.
Multiplatform JIT Code Generator for NetBSD by Alexander Nasonoveurobsdcon
Abstract
The next release of NetBSD will have a support for Just-In-Time (JIT) compilation of bpf programs in the kernel; this change will greatly speed-up traffic sniffing on multiple platforms. Unlike similar interface in other operating systems, bpfjit uses a unified programming interface for code generation which is based on Stack Less JIT Compiler library (SLJIT) and which supports x86, mips, arm, sparc and some other platforms.
The speaker will give an overview of SLJIT API and discuss some implementation details of the bpfjit code with emphasis on supported optimizations of bpf programs by JIT engine. He will also touch on unit testing of dynamically generated code running inside the kernel and on other areas in the NetBSD project where bpfjit can help in boosting performance."
Speaker bio
Alex is a software developer working in the financial sector in the City of London. He often amuses fellow tube passengers with C or Lua coding in NetBSD console and sometimes even with the green kernel debugger prompt.
"You shall not pass : anti-debug methodics"ITCP Community
How to save you app from hacking? We will discuss a protection mechanisms and ways to hack them.
Основные тезисы:
- Основы LLDB;
- Способы защиты от нежелательного дебага вашего приложения;
- Оценка эффективности этих способов;
- Способы обхода приведенных методик;
- Обфускация кода и другие полезные практики защиты;
- Небольшое демо по взлому:)
(AAAI 2021) Logical reasoning tasks over symbols, such as learning arithmetic
operations and computer program evaluations, have become
challenges to deep learning. In particular, even stateof-
the-art neural networks fail to achieve out-of-distribution
(OOD) generalization of symbolic reasoning tasks, whereas
humans can easily extend learned symbolic rules. To resolve
this difficulty, we propose a neural sequence-to-grid
(seq2grid) module, an input preprocessor that automatically
segments and aligns an input sequence into a grid. As our
module outputs a grid via a novel differentiable mapping, any
neural network structure taking a grid input, such as ResNet
or TextCNN, can be jointly trained with our module in an
end-to-end fashion. Extensive experiments show that neural
networks having our module as an input preprocessor achieve
OOD generalization on various arithmetic and algorithmic
problems including number sequence prediction problems,
algebraic word problems, and computer program evaluation
problems while other state-of-the-art sequence transduction
models cannot. Moreover, we verify that our module enhances
TextCNN to solve the bAbI QA tasks without external
memory.
Le slide deck de l'Université que nous avons donnée avec Rémi Forax à Devoxx France 2019.
Comme promis, Java sort sa version majeure tous les 6 mois. Le train passe et amène son lot de nouveautés. Parmi elles, certaines sont sorties : une nouvelle syntaxe pour les clauses switch et l'instruction de byte code CONSTANT_DYNAMIC. D'autres sont en chantier, plus ou moins avancé : une nouvelle façon d'écrire des méthodes de façon condensée, un instanceof 'intelligent', des constantes évaluées au moment où elles sont utilisées. Les projets progressent. Loom, et son nouveau modèle de programmation concurrente que l'ont peut tester avec Jetty. Amber, qui introduit les data types et des nouvelles syntaxes. Valhalla, dont les value types donnent leurs premiers résultats. S'il est difficile de prévoir une date de sortie pour ces nouveautés, on sait en revanche qu'une fois prêtes elles sortiront en moins de 6 mois. De tout ceci nous parlerons donc au futur et en public, avec des démonstrations de code, des slides, du code, de la joie et de la bonne humeur !
Big Data Day LA 2016/ Hadoop/ Spark/ Kafka track - Data Provenance Support in...Data Con LA
Debugging data processing logic in Data-Intensive Scalable Computing (DISC) systems is a difficult and time consuming effort. To aid this effort, we built Titian, a library that enables data provenance tracking data through transformations in Apache Spark.
Инструмент ChangelogBuilder для автоматической подготовки Release NotesPositive Hack Days
1. Основные понятия и определения: продукт, пакет, связи между ними.
2. Как узнать, какие изменения произошли в продукте?
3. Проблемы changelog и release note.
4. Решение: инструмент ChangelogBuilder для автоматической подготовки Release Notes
Как мы собираем проекты в выделенном окружении в Windows DockerPositive Hack Days
1. Обзор Windows Docker (кратко)
2. Как мы построили систему билда приложений в Docker (Visual Studio\Mongo\Posgresql\etc)
3. Примеры Dockerfile (выложенные на github)
4. Отличия процессов DockerWindows от DockerLinux (Долгий билд, баги, remote-регистр.)
Типовая сборка и деплой продуктов в Positive TechnologiesPositive Hack Days
1. Проблемы в построении CI процессов в компании
2. Структура типовой сборки
3. Пример реализации типовой сборки
4. Плюсы и минусы от использования типовой сборки
1. Что такое BI. Зачем он нужен.
2. Что такое Qlik View / Sense
3. Способ интеграции. Как это работает.
4. Метрики, KPI, планирование ресурсов команд, ретроспектива релиза продукта, тренды.
5. Подключение внешних источников данных (Excel, БД СКУД, переговорные комнаты).
Approof — статический анализатор кода для проверки веб-приложений на наличие уязвимых компонентов. В своей работе анализатор основывается на правилах, хранящих сигнатуры искомых компонентов. В докладе рассматривается базовая структура правила для Approof и процесс автоматизации его создания.
Задумывались ли вы когда-нибудь о том, как устроены современные механизмы защиты приложений? Какая теория стоит за реализацией WAF и SAST? Каковы пределы их возможностей? Насколько их можно подвинуть за счет более широкого взгляда на проблематику безопасности приложений?
На мастер-классе будут рассмотрены основные методы и алгоритмы двух основополагающих технологий защиты приложений — межсетевого экранирования уровня приложения и статического анализа кода. На примерах конкретных инструментов с открытым исходным кодом, разработанных специально для этого мастер-класса, будут рассмотрены проблемы, возникающие на пути у разработчиков средств защиты приложений, и возможные пути их решения, а также даны ответы на все упомянутые вопросы.
От экспериментального программирования к промышленному: путь длиной в 10 летPositive Hack Days
Разработка наукоемкого программного обеспечения отличается тем, что нет ни четкой постановки задачи, ни понимания, что получится в результате. Однако даже этом надо программировать то, что надо, и как надо. Докладчик расскажет о том, как ее команда успешно разработала и вывела в промышленную эксплуатацию несколько наукоемких продуктов, пройдя непростой путь от эксперимента, результатом которого был прототип, до промышленных версий, которые успешно продаются как на российском, так и на зарубежном рынках. Этот путь был насыщен сложностями и качественными управленческими решениями, которыми поделится докладчик
Уязвимое Android-приложение: N проверенных способов наступить на граблиPositive Hack Days
Немногие разработчики закладывают безопасность в архитектуру приложения на этапе проектирования. Часто для этого нет ни денег, ни времени. Еще меньше — понимания моделей нарушителя и моделей угроз. Защита приложения выходит на передний план, когда уязвимости начинают стоить денег. К этому времени приложение уже работает и внесение существенных изменений в код становится нелегкой задачей.
К счастью, разработчики тоже люди, и в коде разных приложений можно встретить однотипные недостатки. В докладе речь пойдет об опасных ошибках, которые чаще всего допускают разработчики Android-приложений. Затрагиваются особенности ОС Android, приводятся примеры реальных приложений и уязвимостей в них, описываются способы устранения.
Разработка любого софта так или иначе базируется на требованиях. Полный перечень составляют бизнес-цели приложения, различные ограничения и ожидания по качеству (их еще называют NFR). Требования к безопасности ПО относятся к последнему пункту. В ходе доклада будут рассматриваться появление этих требований, управление ими и выбор наиболее важных.
Отдельно будут освещены принципы построения архитектуры приложения, при наличии таких требований и без, и продемонстрировано, как современные (и хорошо известные) подходы к проектированию приложения помогают лучше строить архитектуру приложения для минимизации ландшафта угроз.
Доклад посвящен разработке корректного программного обеспечения с применением одного из видов статического анализа кода. Будут освещены вопросы применения подобных методов, их слабые стороны и ограничения, а также рассмотрены результаты, которые они могут дать. На конкретных примерах будет продемонстрировано, как выглядят разработка спецификаций для кода на языке Си и доказательство соответствия кода спецификациям.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
2. Why is this important?
• Even useless for crypto often used for other “random” sequences:
• Session ID
• Account passwords
• CAPTCHA
• etc.
• In poor applications can be used for cryptographic keys generation
3. Why Java?
• I am Java programmer
• Used in many applications
• Easy to analyze (~decompile)
• Thought to be secure programming language
5. TOO simple about PRNG security
When problems with PRNG security arises:
1. PRNG state is small, we can just brute force all combinations.
2. We can make some assumptions about PRNG state by examining
output from PRNG. So we can reduce brute force space.
3. PRNG is poorly seeded and having output from PRNG we can easily
brute force its state.
6. Linear congruential generator (In a nutshell)
“Statei” – internal statei:
Statei+1 = Statei × A + Ci+1:
Case 1: “Modular”
(take from bottom)
Si+1
Si+1= Statei+1 mod limit
Si+1
Si+1= (Statei+1 × limit) >> k
k bit
Case 2: “Multiplicative”
(take from top)
java.util.Random:
N = 48
A = 0x5deece66dL = 25 214 903 917
C = 11
N bit
“Seed” == State0
7. java.util.Random’s nextInt()
32 bit 16 bit
{state0} S0 {state1} S1 {statei} … {staten} Sn
16
S0
exhaustive
search
For each state of this form we check if it
returns our sequence – this takes less than
second
8. java.util.Random’s nextLong()
32 bit 16 bit
{state0, state1} S0 {state2, state3} S1 {statei, statei+1} … {state2n, state2n+1} Sn
16
S0
exhaustive
search
For each state of this form we check if it
returns our sequence – this takes less than
second
32 bit 16 bit
16 bit
S0
low32S0
high32
9. java.util.Random’s nextInt(limit), limit is even
H ~ 31 bit L ~ 17 bit
{state0} S0 {state1} S1 {statei} … {staten} Sn
17
S0
S0 % 2P 1) search for L
p + 17 bit
p bit
known L
S0 = H % limit
2) search for H = S0 + J*limit ~ 31 bit
p: limit = n×2P
SubLCG, generates Si % 2P
Search for L (1) and then search for H (2) take
less than 2 seconds
11. java.util.Random’s nextInt(limit), limit is 2P
We search state in the form X = S0 × 248 - p + t mod 248
We have sequence S0 S1 S2 … Sn
Iterate through all t values (248 - p )
Does PRNG.forceSeed(X) produces S1 S2 … Sn ?
Simple Brute Force:
13. java.util.Random’s nextInt(limit), limit is 2P
× We can skip (limit -1) × c values that do not produce S1
× Complexity is O(2 48 - 2·p) (~ 2 36 for limit = 64)
instead O(2 48 - 1·p) (~ 2 42 for limit = 64)
15. java.util.Random’s nextInt(limit), limit is odd
We search state in form X = (217 × high) + low mod 248
We search high in form high = S0 + j × limit mod 231
Iterate through all high values with step limit (i.e. high += limit)
Iterate through all low values with step 1 (i.e. low += 1)
Does PRNG.forceSeed(X) produces S1 S2 … Sn ?
We have sequence S0 S1 S2 …Sn
Simple Brute Force:
16. java.util.Random’s nextInt(limit), limit is odd
limit = 73
d = 15 [d depends on limit]
217/d=8738
x2 = x1 mod limit
x2 = x1 – 1 mod limit
x2 = x1 – p mod limit
x2 = x1 – (p + 1) mod limit
x2
x1
where p = 231 mod limit
p = 16 period = 744
17. java.util.Random’s nextInt(limit), limit is odd
d = min i : (0x5deece66d × i) >> 17 = limit – 1 mod limit
// This is table width
period = 231 / ( (0x5deece66d × d) >> 17 )
// Decrease by p or p+1 happens periodically
18. 19 19 3 2 2 2 2 1 1 1
java.util.Random’s nextInt(limit), limit is odd
Decrease by p=16
63 63 63 46 46 46 46 45 45 45
Decrease by p+1=17
……….... ………....30 29 29 29 29 28 28 ..…....
Decrease by 1 Stay the same
217 / d = 8738
× For each high we pre-compute low values where decrease by p or p+1 happens
There are 217 / (d × period) such low values!
× We skip low values that do not produce S1
In a column we have to check 217 / (d × limit) low values, not all 217 / d
× Complexity is O(248 / period)
× Instead O(248 / limit) better if period > limit
20. Tool: javacg
• Multi-threaded java.util.Random cracker
• Written in C++11
• Can be built for Linux/Unix and Windows
(tested in MSVS2013 and GCC 4.8.2)
• Available on github: https://github.com/votadlos/JavaCG.git
• Open source, absolutely free to use and modify
21. Tool: javacg, numbers generation
• javacg -g [40] -l 88 [-s 22..2], - generate 40 (20 by default) numbers modulo 88 with
initial seed 22..2 (smth made of time by default).
• If -l 0 specified will generate as .nextInt() method
• If -l is omitted will work as .nextLong()
22. Tool: javacg, passwords generation
• Generate passwords: javacg -g [40] [-b 41] -l 88 -p
[18] [-s 22..2] [-a a.txt], - generate 40 passwords
with length 18 (15 by default) using alphabet a.txt (88
different simbols by default), initial seed – 22..2.
• If -b 41 specified – wind generator backward and
generate 41 passwords before specified seed
22..2.
23. Tool: javacg, crack options
• Crack: javacg -n [20] -l 88 [-sin 22..2] [-sax 44..4] [-p], - take 20 numbers modulo
88 and return internal state after the last number from input.
• If min internal state 22..2 or max 44..4 or both are known they can be specified.
In case of odd modulo it’s better to switch to ‘advanced’ brute with -bs (breadth
strategy)/-ds (depth strategy) options.
24. Tool: javacg, -ds-bs ‘advanced’ mode
• Crack: javacg -n [20] -l 88 [-sin 22..2] [-sax 44..4] [-p], - take 20 numbers modulo
88 and return internal state after the last number from input.
• If min internal state 22..2 or max 44..4 or both are known they can be specified.
In case of odd modulo it’s better to switch to ‘advanced’ brute with -bs (breadth
strategy)/-ds (depth strategy) options.
25. Tool: javacg, -ds-bs ‘advanced’ mode
• Crack: javacg -n [20] -l 88 [-sin 22..2] [-sax 44..4] [-p], - take 20 numbers modulo
88 and return internal state after the last number from input.
• If min internal state 22..2 or max 44..4 or both are known they can be specified.
In case of odd modulo it’s better to switch to ‘advanced’ brute with -bs (breadth
strategy)/-ds (depth strategy) options.
26. Tool: javacg, crack options (-sin, -sax)
• Crack: javacg -n [20] -l 88 [-sin 22..2] [-sax 44..4] [-p], - take 20 numbers modulo
88 and return internal state after the last number from input.
• If min internal state 22..2 or max 44..4 or both are known they can be specified.
In case of odd modulo it’s better to switch to ‘advanced’ brute with -bs (breadth
strategy)/-ds (depth strategy) options.
30. Tool: javacg, crack option -st
• Initial seed is milliseconds since epoch (GNU Class Path)
31. Tool: javacg, crack option –upt [–su]
• Initial seed is host uptime in nanoseconds (Random’s default constructor)
• –upt option takes uptime guess in milliseconds, combines diapason in
nanoseconds (as it’s in –sin and –sax options) and simple bruteforse it.
• –su – optional maximum seedUniquifier
increment, 1000 by default.
32. Tool: javacg, performance options
• -t 212 – perform brute with 212 threads (C++11 native threads are used).
Default – 128.
• -c 543534 – each thread will take 543534 states to check (‘cycles per thread’).
Default – 9999.
• - ms 12 – will build search matrix with 12 rows. Deault – half of length of input
sequence.
• -norm. During brute forcing we start from the max state (‘from the top’), if it’s
known that sought state is in the middle - use -norm option.
S0 S1 S2 S3 S4 S5 S6 S7
S0 S1 S2 S3 S4
S1 S2 S3 S4 S5
S2 S3 S4 S5 S6
S3 S4 S5 S6 S7
Input sequence Search matrix
33. Tool: javacg, threads
S0 S1 S2 S3 S4
S1 S2 S3 S4 S5
S2 S3 S4 S5 S6
S3 S4 S5 S6 S7
Generator internal state space
MAX MIN
Threadsforsearch
matrixrows
Threads for internal
states
-t - total number of
threads
34. Tool: javacg, threads with -norm opt.
S0 S1 S2 S3 S4
S1 S2 S3 S4 S5
S2 S3 S4 S5 S6
S3 S4 S5 S6 S7
Generator internal state space
MAX MIN
Threadsforsearch
matrixrows
Threads for internal
states
-t - total number of
threads
Suppose ‘normal’ distribution
46. user
l33t Hax0r
IDM generates different
‘random’ local admin passwords
and sets them over all managed
endpoints
IDM
Web-interface
“Show me password
for workstation”
u-%=X_}6~&Eq+4n{gO
m;f9qHU){+6Y[+j$R8
[D7E?Og]Gz>nL5eVRD
df=m+]6l0pFSFbXT_=
Demo #1: “IdM”
Given:
Red password
Alphabet
Number of servers
Find:
[All] green passwords
Take known
df=m+]6l0pFSFbXT_=
Brute internal state
(seed)
Wind generator forward
Wind generator backward
Generate possible passwords
Brute passwords, using
generated passwords as
dictionary
47. ×Jenkins – is open source continuous integration (CI) server, CloudBees
makes commercial support for Jenkins
×Hudson – is open source continuous integration (CI) server under
Eclipse Foundation
×Winstone – is small and fast servlet container (Servlet 2.5)
Other apps with java.util.Random inside
48. Session Id generation in Jenkins (Winstone)
Winstone_ Client IP Server Port_ _ Gen. time in ms PRNG.nextLong()MD5:
PRNG initialized by time in ms at startup: we need
time in ms and count of generated Long numbers
Can be quickly
guessedConstants
Can be quickly
guessed
Entropy ≈ 10 bit + 14 bit + log2(# of generated)
time PRNG init. time Count of generated Long numbers
Session id generation logic is in makeNewSession() method of winstone.WinstoneRequest class.
JSESSIONID.1153584c=254a8552370933b36b322c1d35fd4586
49. Receive one
cookie
Recover
PRNG state
Periodically (once a sec.)
receive cookie and
synchronize PRNG.
If we need to generate
more than one Long
number to sync PRNG →
somebody else received
cookie! Remember PRNG
state and time interval.
Brute exact
time in ms
from time
interval
Guess
Victim’s IP
HTTP
header: Date
Get server
uptime
WinstoneSessionCatcher.py WinstoneSessionHijacker.py
Recover
victim’s cookie
Session hijacking attack at a glance
50. PRNG millis estimate
×TCP timestamp is 32 bit value in TCP options and contains
value of the timestamp clock
×TCP timestamp is used to adjust RTO (retransmission
timeout) interval
×Used by PAWS (Protection Against Wrapping Sequence)
mechanism (RFC 1323)
×Enabled by default on most Linux distributives!
51. ×Timestamp clock is initialized and then get incremented with
fixed frequency
× On Ubuntu 12.04 LTS we used for tests, timestamp clock was
initialized by -300 and clock frequency was 1000 Hz
×Knowing this we can compute host uptime from TCP
timestamp value
×Nmap can determine host uptime (nmap -O), we need to
subtract initial value from nmap’s result
PRNG millis estimate
52. ×Jenkins prior to 1.534 (uses Winstone as container), later versions migrated to
Jetty
×Hudson prior to 3.0.0 (uses Winstone as container), later versions migrated to
Jetty
×Winstone 0.9.10
Vulnerable software
CVE-2014-2060 (SECURITY-106)
53. Demo #2: Session Hijacking in Jenkins
Request Cookie
Brute PRNG’s initial seed
Request Cookie and
synchronize PRNG
(in a loop)
Infer user’s cookie value
When user logs in
Try to hijack user’s
session
Given:
Attacker have no valid
credentials.
54. java.security.SecureRandom class
× Extends java.util.Random class
× Provides a cryptographically strong random number
generator (CSRNG)
× Uses a deterministic algorithm to produce a pseudo-
random sequence from a true random seed
55. SecureRandom logic is not obvious
Depends on:
× Operating System used
× -Djava.security.egd, securerandom.source parameters
× Seeding mechanism
57. NativePRNG algorithm
× Default algorithm for Linux/Solaris OS’es
× Reads random bytes from /dev/random and
/dev/urandom
× There is SHA1PRNG instance that works in parallel
× Output from SHA1PRNG is XORed with bytes from
/dev/random and /dev/urandom
58. SHA1PRNG algorithm
State0 = SHA1(SEED)
Output i = SHA1(Statei-1)
Statei = Statei-1 + Outputi + 1 mod 2160
× Default algorithm for Windows OS
60. NativeSeedGenerator logic
× Is used when securerandom.source equals to
value file:/dev/urandom or file:/dev/random
× Reads bytes from /dev/random (Linux/Solaris)
× CryptoAPI CSPRNG (Windows)
61. URLSeedGenerator logic
× Is used when securerandom.source specified as
some other file not file:/dev/urandom or
file:/dev/random
× Simply reads bytes from that source
62. ThreadedSeedGenerator logic
× Is used when securerandom.source parameter
not specified
× Multiple threads are used: one thread
increments counter, “bogus” threads make
noise
64. Why we need to change securerandom.source on Linux?
× Simply because reading from /dev/random
hangs when there is no enough entropy!
65. SecureRandom risky usage
× Windows and Linux/Solaris (with modified
securerandom.source parameter)
× Low quality seed is passed to constructor
× Low quality seed is passed to setSeed() before
nextBytes() call
66. Tiny Java Web Server
http://sourceforge.net/projects/tjws/, ~50 575 downloads, ~5 864 downloads last year
× Small and fast servlet container (servlets, JSP), could run on Android
and Blackberry platforms
× Acme.Serve.Serve class
31536000 seconds in year ~ 25 bits
TJWSSun May 11 02:02:20 MSK 2014
67. Oracle WebLogic Server
× WebLogic – Java EE application server
× WTC – WebLogic Tuxedo Connector
× Tuxedo – application server for applications written in
C, C++, COBOL languages
× LLE – Link Level Encryption protocol (40 bit, 128 bit
encryption, RC4 is used)
× Logic is inside weblogic.wtc.jatmi.tplle class
68. Oracle WebLogic Server
DH Private Key
DH Public Key
~ 10 bits
~ 10 bits
~ 1 bit
2nd party’s public key
Two keys for encryption
Shared secret
69. JacORB
http://www.jacorb.org/
× Free implementation of CORBA standard in Java
× Is used to build distributed application which
components run on different platforms (OS, etc.)
× JBoss AS and JOnAS include JacORB
× Supports IIOP over SSL/TLS (SSLIOP)
× Latest release is 3.4 (15 Jan 2014)
70. JacORB’s SSLIOP implementation
× org.jacorb.security.ssl.sun_jsse.JSRandomImpl class
× org.jacorb.security.ssl.sun_jsse.SSLSocketFactory class
72. Master key computation
× Inspect com.sun.crypto.provider.TlsMasterSecretGenerator and
com.sun.crypto.provider.TlsPrfGenerator classes if you want all
details
× SSL v3 master key (48 bytes)
MD5(Pre-master || SHA1(‘A’|| Pre-master||Random A || Random B))
MD5(Pre-master || SHA1(‘BB’|| Pre-master||Random A || Random B))
MD5(Pre-master || SHA1(‘CCC’|| Pre-master||Random A || Random B))
× TLS master key (48 bytes)
F(Pre-master, Random A, Random B), where F – some tricky function
73. How JSSE uses SecureRandom passed
× Logic inside sun.security.ssl.RSAClientKeyExchange
× Java 6 or less
Only Random A, Random B
× Java 7 or above
Random A, Random B, Pre-master generation
74. Demo #3: TLS/SSL decryption in JacORB
Extract Session-id
Random A, Random B
from traffic dump
Guess Pre-master key
(due to poor PRNG
initialization)
Compute master key
(produce master log file)
Decrypt TLS/SSL
Given:
Attacker is capable to
intercept all traffic
(including ssl handshake)
75. GNU Classpath
×Is an implementation of the standard class library for Java 5
×Latest release - GNU Classpath 0.99 (16 March 2012)
×Is used by free JVMs (such as JamVM, Kaffe, CACAO, etc.)
77. SecureRandom in GNU Classpath
State0 = SEED (is 32 bytes)
Output i = SHA512(Statei-1)
Statei = Statei-1 || Output i
Seeding logic is inside class
gnu.java.security.jce.prng.SecureRandomAdapter
78. SecureRandom in GnuClasspath
Tries to seed PRNG from following sources in sequence until succeeds:
1. From a file specified by parameter securerandom.source in
classpath.security file (located in /usr/local/classpath/lib/security/)
2. From a file specified by command line parameter java.security.egd
3. Using generateSeed method in java.security.VMSecureRandom class
80. VMSecureRandom generateSeed()
×What is Thread.yeild()?
public static void yield()
A hint to the scheduler that the current thread is willing to yield its current use of a
processor. The scheduler is free to ignore this hint. Yield is a heuristic attempt to improve
relative progression between threads that would otherwise over-utilise a CPU. Its use should
be combined with detailed profiling and benchmarking to ensure that it actually has the
desired effect.
It is rarely appropriate to use this method. It may be useful for debugging or testing
purposes, where it may help to reproduce bugs due to race conditions. It may also be useful
when designing concurrency control constructs such as the ones in
the java.util.concurrent.locks package.
87. Jetty servlet container is open source project (part of the Eclipse
Foundation).
http://www.eclipse.org/jetty/
In the past Jetty was vulnerable to Session Hijacking (CVE-2007-5614)
http://www.securityfocus.com/bid/26695/info
Now Jetty uses SecureRandom for:
× SSL support
× Session id generation
Jetty and SecureRandom
89. Session id generation in Jetty
× Component – jetty-server
× Class – org.eclipse.jetty.server.session.AbstractSessionIdManager
× Initialization – public void initRandom ()
_random=new SecureRandom();
_random.setSeed(_random.nextLong()^System.currentTimeMillis()^hashCode()^Runtime.getRun
time().freeMemory());
× Session id generation – public String newSessionId(HttpServletRequest
request, long created)
long r0 = _random.nextLong(); long r1 = _random.nextLong();
if (r0<0) r0=-r0; if (r1<0) r1=-r1;
id=Long.toString(r0,36)+Long.toString(r1,36);
× Example – JSESSIONID=1s3v0f1dneqcv1at4retb2nk0u
90. Session id generation in Jetty
1. _random.nextLong() – SecureRandom implementation in GNU Classpath
× Try all possible combinations
× 16 bits of entropy (SecureRandom is seeded from spinning threads)
2. System.currentTimeMillis() – time since epoch in milliseconds
× Estimate using TCP timestamp technique
× 13 bits of entropy
3. Runtime.getRuntime().freeMemory() – free memory in bytes
× Estimate using machine with the same configuration
× 10 bits of entropy
4. hashCode() – address of object in JVM heap
× Estimate using known hashcode of another object (Jetty test.war)
× 12 bits of entropy
91. Session id generation in Jetty
For demo purpose we modified
AbstractSessionIdManager a little bit …
_random=new SecureRandom();
_random.setSeed(_random.nextLong());
92. Demo #4: Session Hijacking in Jetty
Request Cookie
Brute SecureRandom
PRNG’s initial seed and
recover state
Request Cookie and
synchronize
SecureRandom PRNG
(in a loop)
Infer user’s cookie value
When user logs in
Try to hijack user’s
session
Given:
Attacker have no valid
credentials.
93. Our recommendations for Java developers
1. DO NOT USE java.util.Random for security related
functionality!
2. Always use SecureRandom CSPRNG.
3. DO NOT INVENT your own CSPRNGs! ... Unless you're a
good cryptographer.
4. Ensure SecureRandom CSPRNG is properly seeded (seed
entropy is high enough).
5. Periodically add fresh entropy to SecureRandom CSPRNG
(via setSeed method).
94. You can find presentation and demo videos you
have seen and more interesting stuff in our blogs:
× http://0ang3el.blogspot.com/
× http://reply-to-all.blogspot.com/