DEFCON 27 Conference. The WiFi Kraken Hacking Tool

Darren Kitchen: Good afternoon, we are on the sidelines of the DefCon conference at the booth of the hacker group Hak5, and I would like to introduce one of my favorite hackers, DarkMatter, with his new development called WiFi Kraken.

The last time we met, you had a huge backpack carrying the "Cactus" with a pineapple on your back, and those were crazy times!

Translator's note: Mike put a real pineapple on his Cactus device - a nod to the WiFi Pineapple, a hacker device for intercepting wireless communications; see the photo from the BlackHat 2017 conference.

Mike Spicer: Yes, absolutely crazy times! So, this project goes under the hashtag WiFi Kraken and represents a new generation of technology in the field of wireless network monitoring. When I created the WiFi Cactus, I gained a lot of experience and decided to put what I had learned into practice, using it to achieve practical goals in a new project. Today I present to you the Kraken!

Darren Kitchen: And what is this Kraken? Why is it needed, and what is the purpose of this development?

Mike Spicer: The goal is to be able to capture all the data at once, all 50 WiFi channels in the 2.4-5 gigahertz range, simultaneously.

Darren Kitchen: Why not just use a single radio channel to intercept all the data?

Translator's note: Mike Spicer is the creator of the WiFi Cactus, a device that monitors the 50 wireless communication channels used by mobile devices within a radius of 100 m. The WiFi Cactus was first presented to the public at the BlackHat conference on July 27, 2017. Link: https://blog.adafruit.com/2017/08/02/wificactus-when-you-need-to-know-about-hackers-wearablewednesday/

Mike Spicer: That is very problematic. Look at the environment we are in right now - in this room there could easily be 200-300 people with a bunch of devices communicating on different channels. If I listen to just one channel, I may miss important information being transmitted on another channel at the same time. If you try to listen to all the channels, you have to spend a lot of time hopping from one channel to another. The Cactus solves this problem by letting you listen to all of these channels simultaneously.

Darren Kitchen: What problems did the Kraken face?

Mike Spicer: One of the biggest problems was the 100-megabit Ethernet port that I connected to my device, whose bandwidth I was not satisfied with. When you have 2 radios doing 300 megabits with 802.11 end radios, pushing that much data limits the throughput. So I wanted to widen the receive and transmit channel. In the next version of the Cactus, I switched from a 100-megabit switch to a gigabit switch, which increased the throughput 10 times.

With the Kraken I took a completely new approach - I connect directly to the PCI Express bus.

Darren Kitchen: About PCIE - I see a whole bunch of radio modules here, with these aluminum antenna corners standing on them.

Mike Spicer: Yes, this is an interesting engineering solution based on parts bought on Amazon; I had to struggle with laying out the cables and spray-painting the antennas black.

The basis is wireless processor adapters for MediaTek MT 6752 Android devices, and the most interesting thing is the use of a Linux kernel driver. This means I can monitor channels, I can inject data, and do all those cool things that we hackers love to do with wireless cards.

Darren Kitchen: Yes, I see 11 cards here for wireless B, G, A, C.

Mike Spicer: In the 2.4-5 GHz range, 20 and 40.

Darren Kitchen: Minus "twenty" and "forty". That way, different communication ranges and their combinations can be used. This is something we already talked about when we discussed using a single radio scanner hopping across different radio channels. You listen to channel 1 and miss everything happening at the same time on channel 6, listen to channel 2 and miss the rest, and so on. Tell me, how many combinations of frequencies, channels, and bands can your device handle simultaneously?

Mike Spicer: According to the latest calculations, the number of channels monitored simultaneously is 84. Perhaps someone can monitor more channels, but the combination I used gave this number. However, this project lets you listen to only 14 of them, almost as many as the Cactus allowed, but slightly fewer. I hope I can apply some solutions from the Cactus to the Kraken to improve it.

Darren Kitchen: Tell me, what do you capture with?

Mike Spicer: I use the Kismet software - it is a network detector, packet sniffer, and intrusion detection system for 802.11 wireless LANs. It is an amazing all-in-one piece of software that lets me carry out almost all of my projects for DefCon; it is very stable and has a web user interface. It can scan wireless networks and report what is happening there; for example, right now you see a red line on the screen, which means that user devices are currently performing a handshake. This software processes radio communication data in real time. One of the problems I managed to solve with the help of this software on this device is real-time data visualization, that is, I see what is happening with the wireless network right now.

Darren Kitchen: And you don't need to wear the Cactus backpack to do this. So, what exactly is in the Kraken's black box?

Mike Spicer: Basically it is a set of USB3.0 wireless cards, because I connect directly to the PCIE bus.

Darren Kitchen: That is, you are using a real computer with an ATX motherboard. This looks like the alpha release of the device used many years ago, which consisted of 6 cards with USB2.0, used an ATX motherboard with 14 USB ports, and had to add a USB adapter to work with PCIE cards. At the same time, problems arose with the hardware. What is installed in this device? I see Intel.

Mike Spicer: Yes, it uses a fourth-generation Intel i5 processor, nothing expensive, I took what I had. I have a spare motherboard with me, so if something breaks I can simply replace it, so I am ready to deal with any problem that may arise. For the Kraken, I used the cheapest possible filling made from off-the-shelf parts. This is not a Pelican case; I used what I call Condition 1, this case is sturdy and $150 cheaper than a Pelican. The whole setup cost me less than $700.

Darren Kitchen: And for 700 dollars you made a great sniffer for wireless networks that can do more than a single radio. How did you go about solving the bandwidth problem by not using the Pineapple?

Mike Spicer: Now we have two USB3.0 and I will say something about the motherboard. If you look here, there is a single USB root hub that has the bus hardware, so everything passes through one 5-gigabit USB port. This is very convenient because it is like connecting 250 devices to one bus, but it is not good in terms of bandwidth. So I found these 7-port PCIE USB cards with a bandwidth of 5 gigabits each and combined them into one common channel with high bandwidth - about 10 gigabits per second over the PCIE bus.

Next is the SSD, used over 6 GB SATA, so on average I get 500 megabytes per second, or 4 gigabits.

Darren Kitchen: And you also talked about what you would call your work.

Mike Spicer: I called it "I Know What You Did Last Summer - 3 Years of DefCon Wireless Network Monitoring."

Darren Kitchen: And what kind of traffic, what data did you monitor at the last three DefCon conferences?

Mike Spicer: The most interesting thing I found was API leaks. There were 2 such cases in total; one came from the Norwegian company met.no, the developer of the WeatherAPI weather forecast application, and concerned sunrise and sunset times. This application sent an HTTP request in which the main parameters of the leak were latitude and longitude, so it is harmless.

Darren Kitchen: That is, anyone with the MAC address of a particular phone could intercept this request...

Mike Spicer: Yes, and insert their own data to change the sunrise time.

Darren Kitchen: Oops!

Mike Spicer: Exactly, oops... I found another similar app, weather.com, that does the same thing; it is a ZTE desktop widget, and when I discovered it, it just blew my mind.

Darren Kitchen: Well, yes, they have a straightforward approach - why bother about HTTP access, it is just weather data, no private information...

Mike Spicer: Yes, but the thing is that when they are installed, most of these applications ask you to allow access to information about your location, and you grant them that access, being sure that your personal data will be safe. In fact, leaking information over HTTP can undermine your trust in such APIs.

Darren Kitchen: You must have seen a whole bunch of unique devices here!

Mike Spicer: Yes, there are a great many devices on the wireless network! During the previous DefCon, Kismet crashed the server because it was processing data from a crazy number of devices simultaneously on the WiFi network. The number of devices registered on the network reached 40 thousand! I never bothered to count the number of unique devices I picked up, because it is like looking into an endless rabbit hole.

Darren Kitchen: Well, yes, you are at DefCon after all! MDK3, MDK4 are running here, a bunch of MAC addresses are popping up, and so on.

Mike Spicer: Yes, when people start running their ESP32 devices at the same time, all hell breaks loose.

Darren Kitchen: Is there any information about the Kraken on GitHub or on your blog?

Mike Spicer: Yes, I published the code, because when I did some analysis of the captured data, Wireshark could not cope, because when you have a file 2, 3, 5 GB in size and you want to look at an HTTP request, you have to wait 30 minutes. I am a lone guy who just does traffic analysis and I don't have a team to do it for me, so I have to do my work as efficiently as possible. I looked at several tools and talked to commercial developers, but their products did not meet my needs. True, there was one exception - the Network Miner program developed by the NETRESEC group. Three years ago, the developer gave me a free copy of this code, I sent him my feedback, they updated the software, and now the program works perfectly, ensuring that not all network packets are processed, but only those transmitted wirelessly.

It automatically splits traffic into parts and shows DNS, HTTP, and files of any type that can be reassembled. It is a computer forensics tool that can dig deep into applications.

This program works well with large files, but I still run custom query sets in it, and I needed to find out all the SSIDs used on the DefCon wireless network. So I wrote my own tool called Pcapinator, which I will present during my talk on Friday. I also posted it on my page at github.com/mpicer, so you can check whether it works.

Darren Kitchen: Joint discussion and testing of our products is a great thing, one of the key properties of our community.

Mike Spicer: Yes, I love it when people say to me, "What do you think about this or that?" and I say, "No, guys, I hadn't thought about anything like that, that is a terrible idea!" It is the same with the Kraken - my idea was simply to stick all these antennas on here, turn the system on, put it somewhere in a corner for 6 hours until the battery runs out, and capture all the local WiFi traffic.

Darren Kitchen: Well, I am very glad to meet you, and you all come to Hak5 to see what Mike has done for all of us!

source: www.habr.com
