BsidesSF 2019 San Francisco, USA
ME & VULNEX
Simon Roses Femerling
• Founder & CEO, VULNEX www.vulnex.com
• @simonroses
• Former Microsoft, PwC, @Stake
• US DARPA award to research on software security
• Speaker: Black Hat, DEF CON, RSA, HITB, OWASP, SOURCE, AppSec, DeepSec, TECHNET
• Blog: http://www.simonroses.com/
• Youtube: https://www.youtube.com/channel/UC8KUXxTSEdWfpFzAydjEzyQ
• CyberSecurity Startup
• @vulnexsl
• Professional Services & Training
• Products: BinSecSweeper (The File Threat Intelligence Platform) http://www.vulnex.com/en/binsecsweeper.html
VULNEX
NOT THE DROPBOX YOU’RE LOOKING FOR…
OBJECTIVES
• Pentesting Dropbox overview
• Tips from the field
AGENDA
1. Introduction
2. Pentesting Dropboxes
3. Weaponizing Pentesting Dropboxes
4. Demos
5. Conclusions
1. INTRODUCTION
1. OUR APPROACH
• Covert vs. Transparent
• Build trust & follow rules
• Many ways…
1. RED TEAM WIN – BLUE TEAM WIN
RED TEAM
• Remote testing from inside
• Wider range of attacks
• Less travel
• Lower cost
BLUE TEAM
• Continuously improving detection skills
• Effective defense testing
• High budget
1. ASSUME BREACH
• Pentesting Dropboxes fits perfectly with Assume Breach
1. DROPBOXES IN THE WILD I
• “My roommate found a bunch of these hidden behind desks, vending machines, and trashcans in our main college library. Thoughts on what these are?”
• https://www.reddit.com/r/hacking/comments/9rm9r6/my_roommate_found_a_bunch_of_these_hidden_behind/
• https://www.youtube.com/watch?v=UeAKTjx_eKA
1. DROPBOXES IN THE WILD II
• https://blog.haschek.at/2019/the-curious-case-of-the-RasPi-in-our-network.html
1. DROPBOXES IN THE WILD III
• “Eastern European banks lose tens of millions of dollars in Hollywood-style hacks”
• https://www.zdnet.com/article/eastern-european-banks-lose-tens-of-millions-of-dollars-in-hollywood-style-hacks/
– Cheap laptops
– Raspberry Pi
– Bash Bunny
2. PENTESTING DROPBOXES
2. NANO FACTOR PENTESTING DROPBOXES
• Raspberry Pi Zero
• Raspberry Pi 3
• Odroid C2
2. HAK5 PENTESTING DROPBOXES
• Pineapple Nano
• Packet Squirrel
• LAN Turtle
2. FIREPOWER PENTESTING DROPBOXES
• Intel NUC
• Zotac Nano
2. OPERATING SYSTEM OPTIONS
• ARM Support
– Kali Linux https://www.kali.org/
– Parrot Security https://www.parrotsec.org/
– Ubuntu https://www.ubuntu.com
3. WEAPONIZING PENTESTING DROPBOXES
3. WIFI & BT
• WiFi: Alfa 36H, Alfa 36NEH, CSL
• BT: SENA UD100, Ubertooth One
3. SOFTWARE-DEFINED RADIO (SDR)
• RTL-SDR
• Crazyradio PA
• BladeRF
• LimeSDR Mini
ATTACK CAPABILITIES I
ATTACK CAPABILITIES II
• Network: all your classics…
• RF
4. DEMOS
4. SOCIAL NETWORKS C&C
4. RF MONITORING
4. MOUSEJACKING
5. CONCLUSIONS
• It’s affordable
• Improves security defenses
• Not just one way
RESOURCES
• https://www.vdalabs.com/2018/02/06/penetration-testing-dropboxes/
• https://www.blackhillsinfosec.com/pentesting-dropbox-on-steroids/
• https://www.blackhillsinfosec.com/how-to-build-your-own-penetration-testing-drop-box/
5. Q&A
• Thanks!
• Beer appreciated!!!
• @simonroses • @vulnexsl
• www.vulnex.com • www.simonroses.com