Saturday

#25C3 Day 3 overview: Going to warp speed (updated)



(UPDATE: Fixed some spelling errors and added ebay link to pcmcia card + a link to hypatia's blog)

After facing the evil daystar, I managed to get to the Berliner Congress Center for the first session. Barely awake, I just stumbled to Session 1: lightning talks day 3.

  1. The first was about OpenVAS 2.0. OpenVAS stands for Open Vulnerability Assessment System and is the open-source continuation of what Nessus used to be. It should be known by infosec people. I still have to test that one out.
  2. Second on the list was a realtime filesystem monitoring tool (think of the old Tripwire) called Fspy, based on inotify. I used to run Tripwire on my Red Hat 5 boxes. Ah, the nostalgia.
  3. The next one was about the Freerainbowtables.com project. The goal of FreeRainbowTables.com is to prove the insecurity of using simple hash routines to protect valuable passwords, and to force developers to use more secure methods. You don't have to download all the tables; you can also check hashes online (limited to 10 hashes per 24 hours). You can also order a hard disk with all the tables on board to support the project. Have some free CPU cycles to spare? Donate them to the project!!
  4. The fourth talk was about the China Channel Firefox Add-on. A crazy plugin: it shows you the internet as the Chinese see it, from behind the Great Firewall of China. Experience the censorship yourself.
The remaining talks were somewhat less interesting but the previous ones had some gems.

After a break, I uploaded all my pictures of the previous day to Flickr and proceeded to the Session 2 RFID talk: Analyzing RFID security. How much more broken could it be?
Proxy/relay attacks work against several RFID cards. The main countermeasure is to measure the travel time of the signal. In hardware this means nanoseconds, and measuring at that resolution comes with a cost, so it's often not implemented.
Some ciphers are only as strong as their random number generator. The problem with Mifare Classic is that its generator is quite predictable (see linear feedback shift register). Basically you can brute-force Mifare Classic keys with an FPGA cluster in about 50 minutes.
They have some kits you can play around with, check OpenPICC and this code at openpcd.org.
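The predictability point deserves a concrete illustration. The block below is an added example, not code from the talk or from the OpenPICC/OpenPCD projects: it implements a generic 16-bit Fibonacci LFSR (the textbook maximal-length polynomial x^16 + x^14 + x^13 + x^11 + 1, chosen for illustration, not claimed to be any particular card's generator) and shows that observing 16 consecutive output bits hands an observer the complete state, after which every later "random" bit can be reproduced. That is exactly why such a generator must never be the source of nonces or keys for a cipher.

```python
"""Added example: why a linear feedback shift register is a predictable
"random" source.

A Fibonacci LFSR shifts its own state out bit by bit and mixes a linear
feedback bit in at the top.  Consequences:
  * the whole state is only 16 bits, so there are at most 65535 nonces;
  * the first 16 output bits ARE the initial state, so anyone who sees
    them can replay the generator forever.
The taps below (x^16 + x^14 + x^13 + x^11 + 1) are a standard textbook
maximal-length polynomial; this is a generic illustration, not a model
of any specific RFID card's PRNG.
"""

WIDTH = 16
MASK = (1 << WIDTH) - 1


def lfsr_step(state: int) -> tuple[int, int]:
    """Advance the LFSR one step. Returns (output_bit, new_state).

    The output is the bit being shifted out (bit 0); the feedback bit is
    the XOR of bits 0, 2, 3 and 5 (taps 16, 14, 13, 11 counted from the
    top) and is shifted in at bit 15.
    """
    out = state & 1
    fb = ((state >> 0) ^ (state >> 2) ^ (state >> 3) ^ (state >> 5)) & 1
    return out, ((state >> 1) | (fb << (WIDTH - 1))) & MASK


def keystream(seed: int, n: int) -> list[int]:
    """Emit n output bits starting from a 16-bit seed."""
    state = seed & MASK
    bits = []
    for _ in range(n):
        out, state = lfsr_step(state)
        bits.append(out)
    return bits


def recover_state(observed: list[int]) -> int:
    """Rebuild the generator state from 16 consecutive output bits.

    Because feedback only enters at bit 15 and takes 16 shifts to reach
    the output, the i-th emitted bit is simply bit i of the starting
    state. No brute force is needed at all.
    """
    if len(observed) != WIDTH:
        raise ValueError(f"need exactly {WIDTH} consecutive bits")
    return sum(b << i for i, b in enumerate(observed))


def predict_next(observed: list[int], n: int) -> list[int]:
    """Given 16 observed bits, return the n bits the generator emits next."""
    state = recover_state(observed)
    for _ in range(WIDTH):          # fast-forward past the observed bits
        _, state = lfsr_step(state)
    return keystream(state, n)


def period(seed: int) -> int:
    """Count steps until the state repeats (65535 for a maximal LFSR)."""
    seed &= MASK
    state, count = seed, 0
    while True:
        _, state = lfsr_step(state)
        count += 1
        if state == seed:
            return count


if __name__ == "__main__":
    # Constructed seed for the demo; a real device would derive it from a
    # counter or clock, which only makes it easier to guess.
    stream = keystream(0xACE1, 40)
    guessed = predict_next(stream[:16], 24)
    print("observed :", "".join(map(str, stream[:16])))
    print("actual   :", "".join(map(str, stream[16:])))
    print("predicted:", "".join(map(str, guessed)))
    print("match    :", guessed == stream[16:])
    print("state space exhausted after", period(0xACE1), "steps")
```

The two numbers the script prints are the whole story: a 16-bit state space (so an offline search of every possible nonce is cheap, which is what the FPGA-cluster remark above is about) and a linear update that leaks the state through its own output. A nonce source for an authentication protocol needs a cryptographically secure generator (on a host, `secrets.randbits`), not a shift register.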

(List of RFID cards with weak crypto)


Session nr. 3 for me was about DECT. DECT stands for Digital Enhanced Cordless Telecommunications. It is used in wireless phones, baby phones, remote door openers and in some cases even traffic lights. A survey shows some 30,000,000 base stations in use.
For testing purposes, the researchers first used a USRP DECT sniffer that could capture all packets on a channel but had high CPU requirements (2 GHz). Sending packets was not supported. Price tag: 1000 euro.

(Hardware pron of the PCMCIA card)


Their second device was a ComOnAir PCMCIA card that can scan for stations and active calls. Sending frames would also be supported soon. Cost price: 23 euro (also to be found on eBay).
There are two issues. First, sometimes no encryption is activated at all, making it trivial to record and replay conversations. Second, there is no authentication of a handheld to the DECT network, so handhelds will easily 'trust' a spoofed base station.
The encryption algorithms used in DECT are implemented in hardware and are thus difficult to replace or upgrade (without changing equipment). The research team has reverse engineered the cipher and will release the full details at the upcoming RSA 2009 Conference in San Francisco, together with code in C and Java. To wrap up, the next version of Kismet will support DECT!! So for DECT security as it is now, it's game over.

To finish the day, there was FX's talk on IOS attack and defense - The State of the Art. I'm not an expert in exploitation techniques and it has been some days since the talk, but here it goes: exploitation of IOS is made difficult by the many different versions of IOS (and there are a lot!!!). An exploit for one IOS (sub)version might not work against another. It all has to do with compilers and memory pointers. For his technique, however, he used the BOOTROM, which doesn't have that many variants. He wrapped up the talk by showing a proof of concept using an ICMP packet. That's right, he pwned a router by sending a ping. You shouldn't allow direct communication to the router (interfaces). More details when the slides and video become available.

After this talk, I headed to the Security Bloggers Meetup. It seems that some people missed us because I did not pick an ideal location to meet. Nevertheless some people joined and we headed to c-base for the auction for the hackerspaces.org foundation. It was really fun and I even did a co-bid on an 'item'. We won it!! What we won shall remain between those who were there. ;-)

After this, I decided to head back to the hackcenter to look up some rumors. Apparently there would be some presentation which would 'break the internet'. I looked up what I could and went to sleep. You could read my findings about this that week in:
One more update about day 4 coming up!!! If you want another review of Day 3 covering some other presentations, check out hypatia's review of day 3.
