Week 9 In Review – 2016

Resources

• USB HID/Fingerprint Reader that enters password if Fingerprint is correct – www.reddit.com

• CCDC Quals Notes (metasploit) – carnal0wnage.attackresearch.com
  Some quick notes for interesting stuff to keep for CCDC Quals/Notes

Tools

• EZ-Wave – github.com
  Tools for Evaluating and Exploiting Z-Wave Networks using Software-Defined Radios.

• firmadyne – github.com
  FIRMADYNE is an automated and scalable system for performing emulation and dynamic analysis of Linux-based embedded firmware.

• StrongKey CryptoEngine – sourceforge.net
  FIDO strong-authentication, encryption, digital signature engine

Techniques

• Controlling vehicle features of Nissan LEAFs across the globe via vulnerable APIs – www.troyhunt.com
  What the workshop attendee ultimately discovered was that not only could he connect to his LEAF over the internet and control features independently of how Nissan had designed the app, he could control other people’sLEAFs.

• Using EMET to disable EMET – www.fireeye.com
  Microsoft’s Enhanced Mitigation Experience Toolkit (EMET) is a project that adds security mitigations to user mode programs beyond those built in to the operating system. It runs inside “protected” programs as a Dynamic Link Library (DLL), and makes various changes in order to make exploitation more difficult.

• Serialization Must Die: Act 2: XStream (Jenkins CVE-2016-0792) – www.contrastsecurity.com
  XStream is a popular deserialization library. It’s used directly by many popular apps, like JIRA, Confluence, Bamboo, and Jenkins. It’s also used by other popular libraries, like Spring and Struts 2 for unmarshalling XML input into objects.

Vulnerabilities

• Pirated iOS App Store’s Client Successfully Evaded Apple iOS Code Review – researchcenter.paloaltonetworks.com
  Apple’s official iOS App Store is well known for its strict code review of any app submitted by a developer. This mandatory policy has become one of the most important mechanisms in the iOS security ecosystem to ensure the privacy and security of iOS users.

• Linux kernel bug delivers corrupt TCP/IP data to Mesos, Kubernetes, Docker containers – tech.vijayp.ca
  The Linux Kernel has a bug that causes containers that use veth devices for network routing (such as Docker on IPv6, Kubernetes, Google Container Engine, and Mesos) to not check TCP checksums. This results in applications incorrectly receiving corrupt data in a number of situations, such as with bad networking hardware.

• Mousejack Attacks Abuse Vulnerable Wireless Keyboard, Mouse Dongles – threatpost.com
  Wireless keyboards and mice are the latest peripherals to put enterprise networks and user data at risk. Researchers at Bastille Networks today said that non-Bluetooth devices from seven manufacturers including Logitech, Dell and Lenovo are vulnerable to so-called Mousejack attacks that would allow a hacker within 100 meters to abuse this attack vector and install malware or use that machine as pivot point onto the network.

Other News

• I got hacked mid-air while writing an Apple-FBI story – www.usatoday.com
  Just before midnight last Friday, my plane touched down in Raleigh after a three-hour flight from Dallas. As usual, I’d spent much of the flight working, using American Airlines Gogo in-flight Internet connection to send and answer emails. As I was putting on my jacket, a fellow in the row behind me, someone I hadn’t even noticed before, said: “I need to talk to you.” A bit taken aback, I replied, “It’s late … need to get home.”