Week 1 In Review – 2017

Resources

• 33C3: Chris Gerlinsky Cracks Pay TV – hackaday.com
  People who have incredible competence in a wide range of fields are rare, and it can appear deceptively simple when they present their work.
  [Chris Gerlinksy]’s talk on breaking the encryption used on satellite and cable pay TV set-top boxes was like that.

Tools

• mitmproxy: release v1.0.0 – The Christmas Edition – github.com
  This release sees two changes in our process. First, we’re committing to a much more regular cadence, aiming for a new release every two months (with minor bugfix and patch releases in between). Second, each of these releases will see a major version number increment – this is v1.0, we’ll release v2.0 by the end of February, and so forth.

 Techniques

• Pivoting kerberos golden tickets in Linux – akondrat.blogspot.com
  Kerberos golden ticket allows attacker to establish persistent and covert authenticated access to Windows domain.

• Buying Internal Domain Access – room362.com
  For anyone who knows me, they know that I’ve been obsessed with DNS for a long time. However, in this post I will show results of something I can’t quite explain.

 Vulnerabilities

• 12 Days of HaXmas: 2016 IoT Research Recap – community.rapid7.com
  As we close out the end of the year, I find it important to reflect on the IoT vulnerability research conducted during 2016 and what we learned from it. There were several exciting IoT vulnerability research projects conducted by Rapid7 employees in 2016, which covered everything from lighting automation solutions to medical devices.

• PHPMailer Bug
  An independent research uncovered a critical vulnerability in PHPMailer that could potentially be used by (unauthenticated) remote attackers to achieve remote arbitrary code execution in the context of the web server user and remotely compromise the target web application.
  • PHPMailer Exploit Remote Code Exec CVE-2016-10033 Vuln – legalhackers.com
  • PHPMailer Bug Leaves Millions of Websites Open to Attack – threatpost.com

Other News

• FBI and Homeland Security detail Russian hacking campaign in new report – www.theguardian.com
  The US Department of Homeland Security (DHS) and FBI have released an analysis of the allegedly Russian government-sponsored hacking groups blamed for breaching several different parts of the Democratic party during the 2016 elections.