DEFCON 27 Conference. The Kraken WiFi hacking tool

Darren Kitchen: Good afternoon, we are on the sidelines of the DefCon conference at the pavilion of the hacker group Hack 5, and I want to introduce one of my favorites, DarkMatter, and his new development called WiFi Kraken.

The last time we met, you had a huge backpack on your back with the "Cactus" and a pineapple on top, and that was a crazy time!

Translator's note: Mike put a real pineapple on his Cactus device, a nod to the WiFi Pineapple, a hacking device for intercepting wireless communications; see the photo from the BlackHat 2017 conference.

Mike Spicer: Yes, crazy times! So, this project goes under the hashtag WiFi Kraken and represents a new generation of technology in the field of wireless network monitoring. When I built the WiFi Cactus, I gained a lot of skills and decided to put what I had learned to use, applying it to achieve real goals in a new project. Today I present to you the Kraken!

Darren Kitchen: And what is this Kraken? Why is it needed, and what is the purpose of this development?

Mike Spicer: The goal is to be able to capture all the data at once, all 50 WiFi channels in the 2.4-5 gigahertz range, simultaneously.

Darren Kitchen: Why not use a single radio channel to capture all the data?

Translator's note: Mike Spicer is the creator of the WiFi Cactus, a device for monitoring 50 wireless communication channels used by mobile devices within a range of 100 meters. The WiFi Cactus was first shown to the public at the BlackHat conference on July 27, 2017. Source link: https://blog.adafruit.com/2017/08/02/wificactus-when-you-need-to-know-about-hackers-wearablewednesday/

Mike Spicer: That is a problem. Look at the environment we are in right now: in this room there could be 200-300 people with a lot of devices communicating on different channels. If I listen to only one channel, I may miss some important information being transmitted on another channel at the same time. If you try to listen to all the channels, you have to spend a lot of time hopping from one channel to another. The Cactus solves this problem by letting you listen to all of these channels simultaneously.

Darren Kitchen: What problems did the Kraken run into?

Mike Spicer: One of the biggest problems was the 100 megabit Ethernet port that I connected to my device, whose bandwidth I was not satisfied with. When you have two radios doing 2 megabits with 300 end radios, pushing too much data severely reduces throughput. So I wanted to widen the receive and transmit channel. In the next version of the Cactus, I moved from an 802.11 megabit switch to a gigabit switch, which increased throughput by a factor of 100.

With the Kraken I took a new approach: I connect directly to the PCI Express bus.

Darren Kitchen: About PCIE: I see a lot of modules here, with aluminum corners sticking out.

Mike Spicer: Yes, this is an interesting engineering solution based on parts bought on Amazon; I struggled with laying out the cables and spray-painting the antennas black.

The basis is wireless adapters for MediaTek MT 6752 Android devices, and the most interesting part is the use of a Linux kernel driver. This means I can monitor channels, I can inject data, and do all the cool things that we hackers love to do with wireless cards.

Darren Kitchen: Yes, I see 11 cards here for wireless B, G, A, C.

Mike Spicer: In the 2.4-5 GHz range, 20 and 40.

Darren Kitchen: Minus "twenty" and plus "forty". That way, different communication ranges and their combinations can be used. This is what we discussed earlier when we talked about using a single radio scanner hopping across different radio channels. You listen to channel 1 and miss everything happening at the same time on channel 6, you listen to channel 2 and miss everything else, and so on. Tell me, how many combinations of frequencies, channels, and bands can your device handle simultaneously?

Mike Spicer: According to the latest calculations, the number of channels monitored simultaneously is 84. Perhaps someone will be able to monitor more channels, but the combinations I used give this number. However, this project lets you listen to only 14 of them, almost as many as the Cactus allows, but slightly fewer. I hope I can carry some of the solutions from the Cactus over to the Kraken to make it more efficient.

Darren Kitchen: Tell me, what do you capture with?

Mike Spicer: I use the Kismet software: it is a network detector, packet sniffer, and intrusion detection system for 802.11 wireless LANs. It is an amazing all-in-one program that lets me carry out almost all of my projects for DefCon; it is stable and has a web user interface. It can scan wireless networks and report what is happening there; for example, right now you can see a red line on the monitor screen, meaning that user devices are currently performing a handshake. This software processes radio communication data in real time. One of the problems I was able to solve with this software on this device is real-time visualization, that is, I see on the monitor what is happening with the wireless network right now.

Darren Kitchen: And you don't have to wear your Cactus backpack to do this. So what exactly is inside the Kraken's black box?

Mike Spicer: It is USB3.0 wireless cards, because I connect directly to the PCIE bus.

Darren Kitchen: That is, you are using a real computer with an ATX motherboard. This is very similar to the alpha release of a device used many years ago, which had 6 cards with USB2.0, used an ATX motherboard with 14 USB ports, and needed a USB adapter added to work with PCIE cards. At the same time, problems arose as it progressed. What is installed in this device? I see Intel.

Mike Spicer: Yes, it uses an Intel i5 processor, fourth generation, nothing expensive; I took what I had. I have a spare motherboard with me, so if something breaks I can simply swap it, so I am prepared to deal with any problem that may come up. For the Kraken, I used the cheapest components available from off-the-shelf parts. This is not a Pelican case; I used what I call Condition 1, this case is sturdy and $150 cheaper than the Pelican. The whole setup cost me less than $700.

Darren Kitchen: And for 700 bucks you built an excellent sniffer for wireless networks that can do much more than a single radio. How did you go about solving the bandwidth problem without using the Pineapple?

Mike Spicer: Now we have two USB3.0, and I will say something about the motherboard. If you look here, there is a small USB device with a bus, so everything goes through a single 5 gigabit USB port. This is very convenient because it is like having 250 devices connected to one bus, but it is not great in terms of bandwidth. So I found 7-port PCIE USB cards with a bandwidth of 5 gigabits each and combined them into one common channel with high bandwidth, about 10 gigabits per second over the PCIE bus.

The next bottleneck is the SSD used over 6 GB SATA, so on average I had 500 megabytes per second, or 4 gigabits.

Darren Kitchen: And you also mentioned what you would call your work.

Mike Spicer: I called it "I Know What You Did Last Summer - 3 Years of DefCon Wireless Network Monitoring."

Darren Kitchen: And what kind of traffic, what data did you monitor at the last three DefCon conferences?

Mike Spicer: The most interesting thing I found was an API leak. There were two such cases; one leak came from the Norwegian company met.no, the developer of the WeatherAPI weather forecast application, and concerned sunrise and sunset times. This application sent an HTTP request in which the main parameters of the leak were latitude and longitude, so it is completely harmless.

Darren Kitchen: That is, anyone who has the MAC address of a unique phone could reject this request...

Mike Spicer: Yes, and enter your own data to change the sunrise time.

Darren Kitchen: Oops!

Mike Spicer: Exactly right, oops... I found another similar application, weather.com, that does the same thing, and the ZTE desktop widget, and when I discovered it, they simply blew my mind.

Darren Kitchen: Well, yes, they have a clear approach: why bother with HTTP accessibility, it is just weather data, no private information...

Mike Spicer: Yes, but the thing is that when you install them, most of these applications ask you to allow access to information about your location, and you give them that access, being sure that your data will be safe. In fact, leaking information over HTTP can undermine your trust in such APIs.

Darren Kitchen: You must have seen a whole bunch of unique devices here!

Mike Spicer: Yes, there are many, many devices on the wireless network! At the previous DefCon, Kismet crashed the server because it was processing data from a crazy number of devices on the WiFi network at the same time. The number of devices registered on the network reached 40 thousand! I never bothered to count all the unique devices I picked up, because it is like looking down an endless rabbit hole.

Darren Kitchen: Well, yes, you are at DefCon after all! MDK3 and MDK4 are running here, a lot of MAC addresses pop up, and so on.

Mike Spicer: Yeah, when people start running their ESP32 microcontrollers at the same time, all hell breaks loose.

Darren Kitchen: Is there information about the Kraken on GitHub or on your blog?

Mike Spicer: Yes, I posted the code, because when I analyzed the captured data, Wireshark could not cope with it: when you have a file 2, 3, 5 Gb in size and you want to look at an HTTP request, you wait for 30 minutes. I am a lone guy who just analyzes traffic, and I have no team to do it for me, so I have to do my work as efficiently as I can. I looked at several tools and talked to commercial developers, but their products did not meet my needs. True, there was one exception: the Network Miner program developed by the NETRESEC group. Three years ago, the developer gave me a free copy of this code, I sent him my comments, he updated the software, and now the program works perfectly, making sure that not all network packets are processed, but only those transmitted wirelessly.

It splits the traffic into parts and shows DNS, HTTP, and files of any type that can be reassembled. It is a computer forensics tool that can dig deep into applications.

This program works well with large files, but I still run standard queries in it, and I also needed to find all the SSID codes used on the DefCon wireless network. So I wrote my own tool called Pcapinator, which I will present in my talk on Friday. I have also posted it on my page at github.com/mspicer, so you can see whether it works.

Darren Kitchen: Discussing things together and testing our products is a great thing, one of the most important things in our community.

Mike Spicer: Yeah, I love it when people say to me, "What do you think about this or that?" and I say, "No guys, I never thought of anything like that, that is a great idea!" The same goes for the Kraken: my idea was simply to stick all these antennas on here, turn the system on, put it somewhere in a corner for 6 hours until the battery runs out, and capture all the local WiFi.

Darren Kitchen: Well, I am very happy to meet you, and you guys come to Hack 5 to see what Mike has done for all of us!

Source: www.habr.com