BsidesSF 2019 San Francisco, USA - VULNEX
BsidesSF 2019 San Francisco, USA
ME & VULNEX
Simon Roses Femerling
• Founder & CEO, VULNEX www.vulnex.com
• @simonroses
• Former Microsoft, PwC, @Stake
• US DARPA award for research on software security
• Speaker: Black Hat, DEF CON, RSA, HITB, OWASP, SOURCE, AppSec, DeepSec, TECHNET
• Blog: http://www.simonroses.com/
• Youtube: https://www.youtube.com/channel/UC8KUXxTSEdWfpFzAydjEzyQ
VULNEX
• CyberSecurity Startup
• @vulnexsl
• Professional Services & Training
• Products: BinSecSweeper (The File Threat Intelligence Platform) http://www.vulnex.com/en/binsecsweeper.html
NOT THE DROPBOX YOU’RE LOOKING FOR…
OBJECTIVES
• Pentesting Dropbox overview
• Tips from the field
AGENDA
1. Introduction
2. Pentesting Dropboxes
3. Weaponizing Pentesting Dropboxes
4. Demos
5. Conclusions
1. INTRODUCTION
1. OUR APPROACH
• Covert vs. Transparent
• Build trust & follow rules
• Many ways…
1. RED TEAM WIN – BLUE TEAM WIN
RED TEAM
• Remote testing from inside
• Wider range of attacks *
• Less travel
• Lower cost
BLUE TEAM
• Continuously improving detection skills
• Effective defense testing
• High budget
1. ASSUME BREACH
• Pentesting Dropboxes fits perfectly with Assume Breach
1. DROPBOXES IN THE WILD I
• “My roommate found a bunch of these hidden behind desks, vending machines, and trashcans in our main college library. Thoughts on what these are?”
• https://www.reddit.com/r/hacking/comments/9rm9r6/my_roommate_found_a_bunch_of_these_hidden_behind/
• https://www.youtube.com/watch?v=UeAKTjx_eKA
1. DROPBOXES IN THE WILD II
• https://blog.haschek.at/2019/the-curious-case-of-the-RasPi-in-our-network.html
1. DROPBOXES IN THE WILD III
• “Eastern European banks lose tens of millions of dollars in Hollywood-style hacks”
• https://www.zdnet.com/article/eastern-european-banks-lose-tens-of-millions-of-dollars-in-hollywood-style-hacks/
– Cheap laptops
– Raspberry PI
– Bash Bunny
2. PENTESTING DROPBOXES
2. NANO FACTOR PENTESTING DROPBOXES
PI ZERO
Raspberry PI 3
Odroid C2
2. HAK5 PENTESTING DROPBOXES
Pineapple Nano
Packet Squirrel
LAN Turtle
2. FIREPOWER PENTESTING DROPBOXES
Intel NUC
Zotac Nano
2. OPERATING SYSTEM OPTIONS
• ARM Support
– Kali Linux https://www.kali.org/
– Parrot Security https://www.parrotsec.org/
– Ubuntu https://www.ubuntu.com
3. WEAPONIZING PENTESTING DROPBOXES
3. WIFI & BT
Alfa 36H
Alfa 36NEH
CSL
SENA UD100
Ubertooth One
BT
3. SOFTWARE-DEFINED RADIO (SDR)
RTL-SDRv
Crazyradio PA
BladeRF
LimeSDR Mini
ATTACK CAPABILITIES * I
ATTACK CAPABILITIES * II
• Network – All your classics…
• RF
4. DEMOS
4. SOCIAL NETWORKS C&C
4. RF MONITORING
4. MOUSEJACKING
5. CONCLUSIONS
• It’s affordable
• Improves security defenses
• Not just one way
RESOURCES
• https://www.vdalabs.com/2018/02/06/penetration-testing-dropboxes/
• https://www.blackhillsinfosec.com/pentesting-dropbox-on-steroids/
• https://www.blackhillsinfosec.com/how-to-build-your-own-penetration-testing-drop-box/
5. Q&A
• Thanks!
• Beer appreciated!!!
• @simonroses • @vulnexsl
• www.vulnex.com • www.simonroses.com