Darren Kitchen: Masikati akanaka, tiri padivi pemusangano weDefCon paburion yeboka rehacker Hack 5, uye ndinoda kusuma mumwe wevanondidheerera vandinoda, DarkMatter, nebudiriro yake itsva inonzi WiFi Kraken.
Nguva yatakapedzisira kusangana, wanga uine bhegi hombe raive ne "Cactus" rakaiswa chinanazi kumusana kwako, uye dzaive nguva dzekupenga!
Chiziviso chemushanduri: Mike akaisa pineapple chaiyo pane yake Cactus mudziyo - anogutsurira kuWiFi Pineapple, hacker mudziyo wekutora waya isina waya, ona mufananidzo kubva kumusangano weBlackHat 2017.
Mike Spicer: Hongu, nguva dzekupenga zvachose! Saka, chirongwa ichi chinoenda pasi pe hashtag WiFi Kraken uye inomiririra chizvarwa chitsva chetekinoroji mumunda wekutarisa waya isina waya. Pandakagadzira WiFi Cactus, ndakawana hunyanzvi hwakawanda uye ndakasarudza kuisa zvandakadzidza mukuita, ndichiishandisa kuzadzisa zvinangwa zvinoshanda muchirongwa chitsva. Nhasi ndinokupa iwe Kraken!
Darren Kitchen: uye chii ichi Kraken? Nei ichidikanwa uye chinangwa chebudiriro iyi ndechei?
Mike Spicer: Chinangwa ndechekukwanisa kutora data rese kamwechete, ese makumi mashanu eWiFi chiteshi mu50 -2.4 gigahertz renji, panguva imwe chete.
Darren Kitchen: wadii kungoshandisa chiteshi chimwe chete cheredhiyo kubata data rese?
Chiziviso chemushanduri: Mike Spicer ndiye musiki weWiFi Cactus, mudziyo wekutarisa 50 wireless communication channels dzinoshandiswa nenharembozha dziri mukati meradius yemamita 100. WiFi Cactus yakatanga kuratidzwa kuruzhinji pamusangano weBlackHat musi wa27 Chikunguru, 2017. Source link:
Mike Spicer: izvi zvinonetsa. Tarisa nharaunda yatiri iko zvino - mukamuri rino munogona kuve nevanhu mazana maviri nemazana matatu neboka remidziyo inotaurirana pamatanho akasiyana. Kana ndikangoteerera chiteshi chimwe chete, ndingapotsa mamwe mashoko akakosha ari kutepfenyurwa pane imwe chiteshi panguva imwe chete. Kana iwe ukaedza kuteerera kune ese chiteshi, iwe unofanirwa kupedza nguva yakawanda uchisvetuka kubva kune imwe chiteshi kuenda kune imwe. Cactus inogadzirisa dambudziko iri nekukubvumidza kuti uteerere kune ese ezviteshi panguva imwe chete.
Darren Kitchen: Ndeapi matambudziko aifanira kutarisana naKraken?
Mike Spicer: Rimwe rematambudziko makuru raive 100 megabit Ethernet port yandakabatanidza kune yangu mudziyo uye bandwidth yandisina kugutsikana nayo. Paunenge uine maredhiyo maviri ari kuita mazana matatu megabits ane 2 ekupedzisira maredhiyo, kusunda data rakawandisa kunodzikamisa zvakanyanya kubuda. Naizvozvo, ndaida kuwedzera chiteshi chekugamuchira uye chekufambisa. Mune inotevera vhezheni yeCactus, ndakaita shanduko kubva ku300 megabit switch kuenda kugigabit switch, iyo yakawedzera kubuda negumi.
NaKraken ndakatora nzira nyowani - ndinobatanidza zvakananga kuPCI Express bhazi.
Darren Kitchen: nezve PCIE - Ndinoona boka rese remamodule eredhiyo pano, kubva kwaanobva aya makona ealuminium antenna anonamira kunze.
Mike Spicer: hongu, iyi inonakidza engineering mhinduro yakavakirwa pane zvikamu zvakatengwa paAmazon, ndaifanira kunetseka nekuisa kunze tambo uye kupfapfaidza kupenda antennas nhema.
Hwaro ndeye isina waya processor adapter yeAroid zvishandiso MediaTek MT 6752, uye inonyanya kufadza ndeyekushandiswa kweLinux kernel driver. Izvi zvinoreva kuti ndinogona kutarisa zviteshi, ndinogona kubaya data, kuita zvese izvo zvinhu zvinotonhorera izvo isu matsotsi tinoda kuita nemakadhi asina waya.
Darren Kitchen: hongu, ndiri kuona makadhi gumi nerimwe pano ewireless B, G, A, C.
Mike Spicer: muhuwandu hwe2,4-5 GHz, 20 uye 40.
Darren Kitchen: kubvisa "makumi maviri" uye kuwedzera "makumi mana". Nenzira iyi, mitsara yekukurukurirana yakasiyana uye misanganiswa yavo inogona kushandiswa. Ichi chimwe chinhu chatakatotaura nezvazvo patakakurukura nezvekushandiswa kweredhiyo scanner ichisvetuka mumateshi eredhiyo akasiyana. Unoteerera chiteshi 1 wopotsa zvese zviri kuitika panguva imwe chete pachiteshi chechitanhatu, teerera chiteshi 6 wopotsa zvimwe, zvichingodaro. Ndiudze, mangani masanganiswa emafrequency, chiteshi, mabhendi anogona kugadzira mudziyo wako panguva imwe chete?
Mike Spicer: Maererano nekuverenga kwemazuva ano, nhamba yezviteshi zvakatariswa panguva imwe chete ndeye 84. Zvichida mumwe munhu achakwanisa kutarisa mamwe mitsara, asi kusanganiswa kwandakashandisa kunopa iyi nhamba. Zvisinei, chirongwa ichi chinokubvumira kuti uteerere kune gumi nemana chete avo, anenge akawanda seCactus anobvumira, asi zvishoma zvishoma. Ndinovimba kuti ndinogona kushandisa mamwe emhinduro kubva kuCactus kuenda kuKraken kuti zviite zvakanyanya.
Darren Kitchen: ndiudze zvaunoshandisa kubata?
Mike Spicer: Ini ndinoshandisa Kismet software - intiweki detector, packet sniffer uye intrusion yekuona system ye802.11 isina waya maLAN. Iyi inoshamisa yese-mu-imwe software inonditendera kuita anenge ese mapurojekiti eDefCon, yakagadzikana uye ine webhu mushandisi interface. Inogona kuongorora mawireless network, taura zviri kuitika ipapo, semuenzaniso, ikozvino iwe unoona mutsara mutsvuku pane yekutarisa skrini, zvichireva kuti zvishandiso zvemushandisi zviri kuita kubata maoko. Iyi software inogadzirisa redhiyo kutaurirana data munguva chaiyo. Imwe yematambudziko andakakwanisa kugadzirisa nerubatsiro rwesoftware pachigadzirwa ichi ndeyechokwadi-nguva data kuona, ndiko kuti, ndinoona pane chekutarisa zviri kuitika netiweki isina waya izvozvi.
Darren Kitchen: uye haufanire kupfeka yako Cactus bhegi kuti uite izvi. Saka chii chaizvo chiri mubhokisi dema raKraken?
Mike Spicer: Iri chaizvo seti ye USB3.0 isina waya makadhi nekuti ndiri kubatanidza zvakananga kuPCIE bhazi.
Darren Kitchen: ndiko kuti, uri kushandisa komputa chaiyo ine ATX motherboard. Izvi zvakafanana nekuburitswa kwealpha kwechishandiso chakashandiswa makore mazhinji apfuura, chine makadhi matanhatu ane USB6, iyo yaishandisa ATX motherboard ine gumi nemana USB ports uye yaifanira kuwedzera USB adapter kushanda nePCIE makadhi. Panguva imwecheteyo, matambudziko akamuka nekupfuura. Chii chakaiswa mumudziyo uyu? Ndiri kuona Intel.
Mike Spicer: hongu, inoshandisa Intel i5 processor, chizvarwa chechina, hapana chinodhura, ndakatora zvandaive nazvo. Ndine spare bhobho bhobho, saka kana chimwe chinhu kikaputsika, ndinogona kungochitsiva, saka ndakagadzirira kugadzirisa chero matambudziko angamuka. KuKraken, ndakashandisa zvakachipa zvinhu zvinowanikwa kubva kune zvakagadzirirwa-zvakagadzirwa zvikamu. Uyu hausi muviri wePelican, ndakashandisa yandinodaidza kuti Condition 1, muviri uyu wakasimba uye $150 yakachipa kupfuura Pelican. Kuseta kwese kwaindidyira mari isingasviki $700.
Darren Kitchen: uye nemazana manomwe emadhora iwe wakagadzira yakanakisa sniffer yeasina waya network iyo inogona kuita zvinopfuura redhiyo imwe chete. Wakasvika sei pakugadzirisa dambudziko rebandwidth nekusashandisa Pineapple?
Mike Spicer: ikozvino tine maviri USB3.0 uye ini ndichataura chimwe chinhu nezvebhobhobhodhi. Kana iwe ukatarisa pano, pane imwechete USB midzi hub ine bhazi-yakashongedzerwa, saka zvese zvinoenda kuburikidza imwechete 5 gigabit USB port. Izvi zviri nyore nekuti zvakaita sekuva nemidziyo mazana maviri nemakumi mashanu yakabatana nebhazi rimwe chete, asi haina kunaka maererano nebandwidth. Naizvozvo, ndakawana aya 250-port PCIE USB makadhi ane bandwidth ye7 gigabits imwe neimwe uye akaasanganisa kuita imwe yakajairika chiteshi ine yakakwirira bandwidth - anenge gumi gigabits pasekondi kuburikidza nePCIE bhazi.
Iyo inotevera bhodhoro ndeye SSD inoshandiswa kuburikidza ne6 GB SATA, saka paavhareji ndakawana 500 megabytes pasekondi, kana 4 gigabits.
Darren Kitchen: uye wakataurawo nezvekuti kuita kwako.
Mike Spicer: Ndakaritumidza kuti "Ndinoziva Zvawakaita Zhizha - 3 Makore eDefCon Wireless Network Monitoring."
Darren Kitchen: uye rudzii rwetraffic, ndeipi data yawakatarisa pamisangano mitatu yekupedzisira yeDefCon?
Mike Spicer: Chinhu chinonyanya kufadza chandakawana yaive API kuvuza. Paive ne2 nyaya dzakadai pamwe chete, imwe yakabuda kubva kukambani yeNorway met.no, mugadziri weiyo WeatherAPI mamiriro ekunze application, uye ine chekuita nenguva dzekubuda nekunyura kwezuva. Ichi chishandiso chakatumira chikumbiro cheHTTP uko iwo makuru maparamendi ekuvuza aive latitude uye longitudo, saka haina kukuvadza zvachose.
Darren Kitchen: kureva kuti, chero munhu ane kero yeMAC yefoni yakasarudzika anogona kubata chikumbiro ichi...
Mike Spicer: hongu, uye isa data rako kuti uchinje nguva yekubuda kwezuva.
Darren Kitchen: oops!
Mike Spicer: ndizvozvo chaizvo, oops...Ndakawana imwe yakafanana weather.com app inoita chinhu chimwe chete, ndiyo ZTE desktop widget, uye pandakaiwana, vakangondibhowa.
Darren Kitchen: zvakanaka, hongu, vane nzira yakajeka - nei uchinetseka nekuwanikwa kweHTTP, ingori data yemamiriro ekunze, hapana ruzivo rwepachivande ...
Mike Spicer: hongu, asi chinhu ndechekuti kana yaiswa, mazhinji ezvikumbiro izvi zvinokukumbira kuti ubvumire kuwana ruzivo nezve nzvimbo yako, uye unovapa mukana uyu, uine chokwadi chekuti data rako pachako richave rakachengeteka. Muchokwadi, kuburitswa kweruzivo kuburikidza neHTTP kunogona kukanganisa zvachose kuvimba kwako mumaAPI akadaro.
Darren Kitchen: iwe unofanirwa kunge waona boka rese rezvishandiso zvakasarudzika pano!
Mike Spicer: hongu, kune akawanda, akawanda madivayiri pane isina waya network! Munguva yeDefCon yapfuura, Kismet yakapwanya sevha nekuti yaigadzirisa data kubva kunhamba inopenga yemidziyo panguva imwe chete paWiFi network. Nhamba yemidziyo yakanyoreswa pane network yakasvika zviuru makumi mana! Handina kumbobvira ndazvinetsa kuverenga nhamba yese yezvishandiso zvakasiyana zvandakatora nekuti zvakaita sekutarisa pasi pegomba retsuro risingaperi.
Darren Kitchen: Zvakanaka, hongu, uri kuDefCon mushure mezvose! MDK3, MDK4 iri kushanda pano, boka reMAC kero rinobuda, nezvimwe.
Mike Spicer: hongu, kana vanhu vatanga kumhanyisa ESP32 microcontroller yavo panguva imwe chete, gehena rose rinobvaruka.
Darren Kitchen: pane chero ruzivo nezve Kraken paGitHub kana pane yako blog?
Mike Spicer: hongu, ndakatumira iyo kodhi nekuti pandakaita imwe ongororo ye data yakagamuchirwa, Wireshark haina kukwanisa kurarama nayo, nekuti kana uine faira re2,3,5 Gb muhukuru uye iwe uchida kutarisa chikumbiro cheHTTP, iwe. unofanira kumirira maminitsi makumi matatu. Ini ndiri murume ari ega anongoongorora traffic uye handina timu yekundiitira, saka ndinofanira kuita basa rangu nemazvo. Ndakatarisa maturusi akati wandei ndikataura nevagadziri vekutengesa, asi zvigadzirwa zvavo hazvina kuzadzisa zvandinoda. Ichokwadi, pane imwe chete yakasara - purogiramu yeNetwork miner yakagadzirwa neboka reNETRESEC. Makore matatu apfuura, mugadziri akandipa kopi yemahara yekodhi iyi, ndakamutumira mhinduro dzangu, vakagadziridza software uye ikozvino chirongwa chinoshanda zvakakwana, kuve nechokwadi chekuti haasi ese etiweki mapaketi anogadziriswa, asi iwo chete anopfuudzwa pasina waya.
Iyo inongopatsanura traffic kuita zvikamu uye inoratidza DNS, HTTP, mafaera emhando ipi neipi inogona kubatanidzwazve. Iyo komputa forensics chishandiso chinogona kuchera zvakadzika mumashandisirwo.
Chirongwa ichi chinoshanda zvakanaka nemafaira akakura, asi ini ndaingomhanyisa seti yemubvunzo mukati mayo, uye ndaidawo kutsvaga makodhi ese eSSID anoshandiswa paDefCon isina waya network. Saka ndakanyora mudziyo wangu ndega unonzi Pcapinator, wandichazopa muhurukuro yangu neChishanu. Ndakazvitumirawo pane yangu peji pa github.com/mspicer, saka unogona kutarisa kana inoshanda.
Darren Kitchen: hurukuro pamwe chete uye kuyedzwa kwezvigadzirwa zvedu chinhu chikuru, chimwe chezvinhu zvakakosha zvenharaunda yedu.
Mike Spicer: hongu, ndinozvifarira kana vanhu vachiti kwandiri, "Unofungei pamusoro peizvi kana izvo?" Ini ndoti, "Kwete vakomana, ini handina kumbofunga nezve chero chinhu chakadaro, ipfungwa yakanaka kwazvo!" Zvakangofanana nekwaKraken - pfungwa yangu yaive yekungonamatira aya antennas pano, kubatidza sisitimu woiisa kumwe kukona kwemaawa matanhatu kusvika bhatiri rapera, uye kubata ese emuno WiFi traffic.
Darren Kitchen: tsime, Ndiri kufara chaizvo kusangana nemi uye imi vakomana kuuya Hack 5 kuona zvaitwa naMike kwatiri tose!
Dzimwe ads π
Ndinokutendai nekugara nesu. Unoda zvinyorwa zvedu here? Unoda kuona zvimwe zvinonakidza zvemukati? Titsigire nekuisa odha kana kukurudzira kushamwari, , yakasarudzika analogue yekupinda-level maseva, iyo yakagadzirwa nesu kuti iwe: (inowanikwa neRAID1 uye RAID10, kusvika ku24 cores uye kusvika ku40GB DDR4).
Dell R730xd 2 nguva yakachipa muEquinix Tier IV data center muAmsterdam? Chete pano muNetherlands! Dell R420 - 2x E5-2430 2.2Ghz 6C 128GB DDR3 2x960GB SSD 1Gbps 100TB - kubva pamadhora makumi mapfumbamwe nemapfumbamwe! Verenga nezve
Source: www.habr.com