Source code for cold boot crypto key attack released

You may remember the paper released by a Princeton research group regarding cold boot attacks on notebook computers in order to recover crypto keys. Click to view old blog entry

The Princeton research group has now released the source code of a tool which will be able to recover the key, provided that the key is still stored in the DRAM. Keeping it there can be achieved by severely cooling down the DRAM.

Project Overview

Link to Research Paper

Some media on the project

Turning off PXE or network boot altogether may buy you some valuable time, but it's probably best to look out for ninjas who are carrying major cooling devices. Apparently they look something like this:

ICMP4: First Lecture Schedule is up

The small version of the Chaos Communication Camp, the ICMP4 aka Intergalaktische Club Mate Party, is less than one month away. The first lectures are popping up on the schedule, including mine.

I will be holding a presentation which is a mix between a hacking and a social track about criminalization of computer security and computer analysis tools, using Wireshark as an example.

Why a packet sniffer?

  • can be used to analyze security breaches and penetration test one's own principal network design regarding wiretapping
  • can be used to analyze common network interconnectivity problems
  • can be used to learn and understand how network communication actually works
  • can also be used to gather personal information on people and their communication (eavesdropping), which is the actual contrary of this tool set; after all, if there was no malicious content, no one would give a rat's ass about it. This is not what my lecture will be about…

Why Wireshark?

  • it's open source and available for multiple platforms
  • it's currently one of the most developed packet sniffers out there, with very cool additional features
  • captured packet output format is compatible with tcpdump, so the actual sniffing part does not even require Wireshark nor a desktop environment

Presentation will be up about one or two days before the event, I might also upload an English version in case someone is interested.

Backtrack 3 goes final

Backtrack, a security and penetration testing oriented live boot Linux distribution, has reached final stage in the current version 3.

The download consists of CD images, a USB bootable version (which I am booting off an SD card on my EEE PC) and VMware images. It contains more than 300 tools used by white hats and black hats alike and will give you an introduction to real-world attack methodologies on your IT infrastructure.

http://www.remote-exploit.org/backtrack.html

Goolag Scanner goes fishin

Storing ..um.. classified information on your webserver in hidden directories is not exactly very bright, because you can be sure that Google will index anything it can get.

The Goolag Scanner, which was recently released by the famous hacker group Cult of the Dead Cow, actually found pornography on Chinese government owned (gov.cn) sites and security holes on western servers.

http://www.cultdeadcow.com/archives/2008/03/cult_of_the_dead_cow.php3

Please assume that files being stored in http://mydomain.com/_this/is/a_super/secret/directory/ will easily be found by simple methods such as specially designed search queries:

intitle:index.of +"last modified" +"parent directory" +(pdf|doc) +"Secret" -htm -html -php -asp
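To check your own server for pages that such a query would match, the same markers can be applied to the HTML your webserver returns. The following is an added example, not part of the original post or of the Goolag Scanner; the function names and the sample pages are constructed for illustration.

```python
from html.parser import HTMLParser

# Markers taken from the search query quoted above.
LISTING_MARKERS = ("last modified", "parent directory")
DOC_EXTENSIONS = (".pdf", ".doc")

class PageScan(HTMLParser):
    """Collects the title, visible text and link targets of one page."""
    def __init__(self):
        super().__init__()
        self.title, self.text, self.links = "", [], []
        self._in_title = False

    def handle_starttag(self, tag, attrs):
        if tag == "title":
            self._in_title = True
        elif tag == "a" and dict(attrs).get("href"):
            self.links.append(dict(attrs)["href"])

    def handle_endtag(self, tag):
        if tag == "title":
            self._in_title = False

    def handle_data(self, data):
        if self._in_title:
            self.title += data
        self.text.append(data)

def audit_page(html):
    """Return exposed document links if the page is an auto-generated listing, else None."""
    scan = PageScan()
    scan.feed(html)
    body = " ".join(scan.text).lower()
    is_listing = "index of" in scan.title.lower() and all(m in body for m in LISTING_MARKERS)
    if not is_listing:
        return None
    return [link for link in scan.links if link.lower().endswith(DOC_EXTENSIONS)]

# Constructed sample responses, as a crawl of your own server might return them.
LISTING = """<html><head><title>Index of /_this/is/a_super/secret/directory</title></head>
<body><h1>Index of /_this/is/a_super/secret/directory</h1><table>
<tr><th>Name</th><th>Last modified</th><th>Size</th></tr>
<tr><td><a href="/_this/is/a_super/secret/">Parent Directory</a></td></tr>
<tr><td><a href="Secret-plan.pdf">Secret-plan.pdf</a></td><td>2008-03-01</td></tr>
<tr><td><a href="notes.txt">notes.txt</a></td><td>2008-03-02</td></tr>
</table></body></html>"""
NORMAL = "<html><head><title>Welcome</title></head><body><a href='about.html'>About</a></body></html>"

if __name__ == "__main__":
    print(audit_page(LISTING), audit_page(NORMAL))
```

Any page this flags means directory auto-indexing is enabled for that path; switching it off in the webserver configuration and putting access control in front of the files is the fix, not a harder-to-guess directory name.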

Attacks on disk encryption keys

A Princeton computer scientist team has released a white paper which documents their cold boot attacks on encryption keys. The scenarios are based on key recovery, primarily involving laptop computers, using various methods to keep the key stored in DRAM after power-off.

It is a very interesting article and a guideline on preventing attacks like this. The most effective way is certainly limiting boot options in order to prevent anyone booting up tools to steal your encryption key.

http://citp.princeton.edu.nyud.net/pub/coldboot.pdf
SecuriTeam Article

Chaos Communication Camp 2007 DVD released

Finally, some decent video footage from the most awesome event I attended in the last few years.

ftp://ftp.ccc.de/camp2007/ccc_camp_2007_movie_DVD

Some news that might interest all the happy campers out there:

The Erlangen CCC organisation Bits n Bugs is hosting the ICMP4 this year. Not too much info is up yet, but be sure to check out the event wiki and the event site.

Update

The ICMP4 website is up and the event is scheduled for August 8-12.

The ICMP is basically yet another outdoor hacker event which focuses on a lot of chill out and some lectures.