2014 © Dino Security S.L. All rights reserved.
www.dinosec.com
@dinosec
Mobile Devices Communications Protection (NFC, Bluetooth & Wi-Fi)
Raúl Siles
@raulsiles
April 3, 2014 – TASSI
Attack Scenarios
Outline
• Introduction
• NFC
• Bluetooth
• Wi-Fi
• References
Crypt4You: “Lección 4. Protección de comunicaciones en dispositivos móviles” (ES)
http://www.criptored.upm.es/crypt4you/temas/privacidad-proteccion/leccion4/leccion4.html
Introduction
Mobile Security Challenges Nowadays?
Market Share
Sep 4, 2013:
• Android: 75.3%
• iOS: 16.9%
• WP: 3.9%
• BB: 2.7%
• Others: 1.2%
Reference: http://www.idc.com/getdoc.jsp?containerId=prUS24302813
Security Threats
• Device discovery
– Clients & “infrastructure”
• Communications interception
– Voice & data
• Communications manipulation
• Device impersonation
• Unauthorized access
– Devices, services (capabilities) & data
Mobile devices: personal & corporate (privacy)
NFC (Near Field Communication)
• NFC technologies
– Short distance, 13.56 MHz, 106–424 kbps
– Active (powered) or passive (tag) modes
– Most mobile devices except iOS…
• Multiple usage scenarios
– Proximity and micro payments
– Establishing secure communications
• Pairing & key exchange
• Bluetooth or Wi-Fi Direct (data exchange)
– E.g. Android Beam or Samsung S Beam
NFC (Near Field Communication)
• Storing NFC payment information
– SE: Secure Element
• Mobile device (integrated smartcard chip), UICC (SIM card) or advanced SD card (ASSD)… or software
– Applications: applets or cardlets
– E.g. (Android) Google Wallet, (BlackBerry 7.1+) BlackBerry Tag, (WP8) Wallet Hub
• Vulnerabilities in Android implementations
– BH US 2012 & EuSecWest 2012-09
• Access to user data, malware download, RCE…
Bluetooth
• Bluetooth technologies
– 802.15.1, 2.4 GHz (79 channels), FHSS, specs & classes
– Piconet & profiles
– Hopping pattern
– BD_ADDR
– Two modes
– Phases: inquiry, paging & SDP
– Security
• Authentication, authorization & encryption
Discovering the Undiscoverable
• Hidden devices: BD_ADDR
– Guessing, pairing, mixing wireless technologies, brute force (2^48)…
– Traffic capture (partially: LAP)
• How?
– USRP (1 freq.)
– GNU Radio
– gr-bluetooth
• Security by obscurity
– Known default & fixed PIN
Obtaining the LAP…
Bluetooth frame (LSB → MSB):
  Access code | Baseband header | Message data
  72 bits     | 54 bits         | 0–2745 bits
Bluetooth Access Code (72 bits) (LSB → MSB):
  Preamble            | Sync Word                                | Trailer (finalization)
  4 bits              | 64 bits                                  | 4 bits
  Synchronization (1) | Piconet identification (1): master LAP   |
                      | (last 3 bytes of the master's BD_ADDR)   |
https://www.usenix.org/legacy/event/woot07/tech/full_papers/spill/spill.pdf
Obtaining the BD_ADDR
• Once we know the LAP…
• … we need to get the rest: NAP+UAP
• Optimized brute-force techniques
– Multiple Bluetooth devices
– Reduce the address range: OUIs (IEEE)
• BNAP-BNAP project (Joshua Wright)
• ≈70 OUIs
– BTScanner: LAP patch (1-10 mins)
http://bnap.opensecurityresearch.com/code.html
Reanalyzing the BD_ADDR
• BD_ADDR: libbtbb
– LAP: Lower Address Part
• Access Code
– UAP: Upper Address Part
• HEC & CRC
– NAP: Non-significant Address Part
• 00:00:…?
Ubertooth One
• Michael Ossmann ($120) - 2011
– Kickstarter, Great Scott Gadgets, HakShop
• Open-source Bluetooth sniffer: LAP + UAP
– ≈ Wi-Fi adapters (RFMON) (…10 years)
– 2.4 GHz + injection + spectrum analyzer
– ≈ Class 1 (Basic Rate + LE)
• Follow devices…
• Kismet, Wireshark…
http://ubertooth.sourceforge.net
Real & Personal Bluetooth Threats
• Trustwave advisory: August 2013
– https://www3.trustwave.com/spiderlabs/advisories/TWSL2013-020.txt
• Inax's Satis automatic toilet
– http://www.inax-usa.com/technology/satis/
– Remote control via Bluetooth
• Android app: “My Satis”
– Bluetooth PIN (default): 0000 (hardcoded)
    BluetoothDevice localBluetoothDevice =
        BluetoothManager.getInstance().execPairing(paramString, "0000");
• Download the app and… use its functions:
– Repeatedly flush the toilet, unexpectedly open/close the lid, activate bidet or air-dry functions (discomfort to the user)
http://arstechnica.com/security/2013/08/holy-sht-smart-toilet-hack-attack/
Security Recommendations (1/2)
• Turn it off! Save the planet!
• Hidden (or non-visible) device
• Enable just the required profiles (?)
• Enable authentication & authorization (?)
• Change default values: name
– Vendor & model, owner, etc.
• Software & firmware updates
• Corporate security policy
Security Recommendations (2/2)
• Usage in “dangerous” environments
– Initial pairing process
• PIN selection (16 chars) & renewal
• Unsolicited pairing/connect requests
– Proximity marketing (user awareness)
• Management of the pairing DB
– Remove those not used
Wi-Fi
• Wi-Fi challenges nowadays
• Wi-Fi (mobile) clients behavior
– The PNL
• Wi-Fi network impersonation
– Attacking Wi-Fi enterprise clients
• Wi-Fi clients security recommendations
Wi-Fi Challenges Nowadays?
http://www.huffingtonpost.com/vala-afshar/50-incredible-wifi-tech-s_b_4775837.html
Wi-Fi Security Challenges Nowadays?
Super Bowl Security Command Center 2014: Broadcast on TV
Wi-Fi (Mobile) Clients Behavior
How Do Wi-Fi Clients Work?
• Users connect to Wi-Fi networks by…
1. Selecting them from the list of currently available networks in the area of coverage
2. Adding them manually to the Wi-Fi client
• Security settings are mandatory (if any)
– Open, WEP, WPA(2)-Personal & WPA(2)-Enterprise
• Networks are remembered and stored for future connections: the list of known networks
The Preferred Network List (PNL)
How Do Wi-Fi Clients Discover Available Wi-Fi Networks?
• Passive scan
– Beacons
– Every 100 ms (10 frames/sec)
• SSID?
• Active scan
– Probe request / response
– (Wildcard or broadcast) SSID?
Hidden Wi-Fi Networks
• Hidden Wi-Fi networks (cloaked or non-broadcast)
– Still today a very common security best practice…
– … with relevant security implications for the Wi-Fi clients
– Beacon frames do not contain the SSID (empty)
• Visible (or broadcast) Wi-Fi networks include the SSID in their beacon frames
– Wi-Fi clients need to know the SSID to connect to the network
• So how do Wi-Fi clients connect to hidden Wi-Fi networks?
– Wi-Fi clients have various networks (SSIDs) in their PNL
• Wi-Fi clients have to specifically ask for the hidden Wi-Fi networks in their PNL by sending probe requests containing the SSID
– As a result, they have to disclose their PNL!
PNL was disclosed by Wi-Fi clients in the past (2005; Windows XP fix in 2007)
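As an added example (not part of the original slides), the check a WIDS or a client-side audit would run over the frames just described: a minimal parser for the 802.11 SSID element that flags cloaked APs (beacons with an empty SSID) and clients that disclose their PNL through directed probe requests. The frames, MAC addresses and SSIDs are constructed inline for the example.

```python
# Added example (not from the slides): a minimal 802.11 management-frame
# parser that flags (a) cloaked APs, whose beacons carry an empty SSID, and
# (b) clients that disclose their PNL by sending directed probe requests.
# All frames below are constructed inline; no radio or pcap is needed.
import struct
from dataclasses import dataclass
from typing import Dict, Optional, Set, Tuple

# 24-byte management header: frame control, duration, addr1, addr2, addr3, seq ctrl
MGMT_HDR = struct.Struct("<HH6s6s6sH")
SUBTYPE_PROBE_REQ = 4
SUBTYPE_BEACON = 8
TAG_SSID = 0


@dataclass
class Frame:
    subtype: int
    src: str                 # transmitter address (addr2): BSSID or client MAC
    ssid: Optional[bytes]    # None: no SSID element; b"": wildcard / cloaked


def _mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def _tagged_params(body: bytes):
    """Yield (tag id, value) pairs and stop cleanly on a truncated element."""
    i = 0
    while i + 2 <= len(body):
        tag, length = body[i], body[i + 1]
        value = body[i + 2:i + 2 + length]
        if len(value) < length:
            return
        yield tag, value
        i += 2 + length


def parse_mgmt_frame(raw: bytes) -> Frame:
    """Decode a beacon or probe request down to its SSID element."""
    if len(raw) < MGMT_HDR.size:
        raise ValueError("frame shorter than the 802.11 management header")
    fc, _dur, _a1, a2, _a3, _seq = MGMT_HDR.unpack_from(raw)
    if (fc >> 2) & 0x3 != 0:
        raise ValueError("not a management frame")
    subtype = (fc >> 4) & 0xF
    body = raw[MGMT_HDR.size:]
    if subtype == SUBTYPE_BEACON:
        body = body[12:]  # skip timestamp (8), beacon interval (2), capability (2)
    ssid = next((v for t, v in _tagged_params(body) if t == TAG_SSID), None)
    return Frame(subtype, _mac(a2), ssid)


def audit(frames) -> Tuple[Set[str], Dict[str, Set[str]]]:
    """Return (cloaked AP BSSIDs, SSIDs each client asked for by name)."""
    hidden: Set[str] = set()
    pnl: Dict[str, Set[str]] = {}
    for f in frames:
        # Cloaked APs send an empty SSID or one padded with NUL bytes.
        if f.subtype == SUBTYPE_BEACON and f.ssid is not None and not f.ssid.strip(b"\x00"):
            hidden.add(f.src)
        # A directed probe (non-empty SSID) reveals a PNL entry; wildcard probes do not.
        elif f.subtype == SUBTYPE_PROBE_REQ and f.ssid:
            pnl.setdefault(f.src, set()).add(f.ssid.decode("utf-8", "replace"))
    return hidden, pnl


def build_frame(subtype: int, src: str, ssid: Optional[bytes]) -> bytes:
    """Constructed test frames: broadcast addr1/addr3, fixed beacon fields."""
    hdr = MGMT_HDR.pack(subtype << 4, 0, b"\xff" * 6,
                        bytes.fromhex(src.replace(":", "")), b"\xff" * 6, 0)
    body = b"\x00" * 8 + struct.pack("<HH", 100, 0x0411) if subtype == SUBTYPE_BEACON else b""
    if ssid is not None:
        body += bytes([TAG_SSID, len(ssid)]) + ssid
    body += b"\x01\x04\x82\x84\x8b\x96"  # Supported Rates element
    return hdr + body


# Constructed sample capture (locally administered MACs, not real devices)
SAMPLE_FRAMES = [
    build_frame(SUBTYPE_BEACON, "02:00:00:aa:bb:01", b""),               # cloaked AP
    build_frame(SUBTYPE_BEACON, "02:00:00:aa:bb:02", b"GuestWiFi"),      # broadcast AP
    build_frame(SUBTYPE_PROBE_REQ, "02:00:00:cc:dd:01", b""),            # wildcard probe
    build_frame(SUBTYPE_PROBE_REQ, "02:00:00:cc:dd:01", b"CorpHidden"),  # PNL disclosure
    build_frame(SUBTYPE_PROBE_REQ, "02:00:00:cc:dd:01", b"HomeNet"),     # PNL disclosure
]

if __name__ == "__main__":
    hidden_aps, disclosed = audit(parse_mgmt_frame(f) for f in SAMPLE_FRAMES)
    print("cloaked APs:", sorted(hidden_aps))
    for client, ssids in disclosed.items():
        print(f"{client} disclosed PNL entries: {sorted(ssids)}")
```

A client that only ever sends wildcard probes never appears in the second result; every named SSID it probes for is a PNL entry it has just leaked to anyone listening on the channel.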
Security Risks of Disclosing the PNL
• An attacker can impersonate the various Wi-Fi networks available in the PNL
– Different methods based on the security settings
• People didn’t pay enough attention to this because…
– …there was no name for it!
War Standing or War “Statuing” (Statue)
War Standing Risks
Wi-Fi Network Impersonation
Wi-Fi Network Impersonation (1/2)
• When entries in the PNL are disclosed by Wi-Fi clients… someone can force the victims to (silently) connect to the attacker’s Wi-Fi network
– Karma-like attacks (since 2004)
– AP impersonation (or fake AP): anywhere in the world
– Evil twin: within the area of coverage of the legitimate network
• Strongest signal wins (or the network that drains less battery)
• The victim shares the network with the attacker
– Full network connectivity at layers 1 & 2 and above
– MitM: Man-in-the-Middle attacks
Wi-Fi Network Impersonation (2/2)
• Fully impersonate the Wi-Fi network…
– 802.11 AP, DHCP server, DNS server, routing and NAT capabilities, RADIUS server…
• Two prerequisites
– SSID (Wi-Fi network name)
• Disclosed from the PNL
– Wi-Fi network security type
• Security type requirements
– Open, WEP & WPA(2)-Personal, WPA(2)-Enterprise
Open Wi-Fi Networks…
Attacking Wi-Fi Clients: Open
“Nobody never ever connects to an open Wi-Fi network!” Right?
WPA(2)-Enterprise Wi-Fi Networks
Wi-Fi Enterprise Networks
• How to verify the RADIUS server certificate?
– CN, CA, expiration + revocation & purpose
• There is no URL like in web browsers (X.509 CN)
• Wi-Fi client, access point (AP), and RADIUS server
• Multiple user credentials allowed (802.1X/EAP types)
FreeRADIUS-WPE
• FreeRADIUS-Wireless Pwnage Edition (WPE)
– ShmooCon 2008: Joshua Wright & Brad Antoniewicz
• Attacker impersonates the full Wi-Fi network infrastructure (AP + RADIUS server + …)
• PEAP & TTLS
– Inner authentication: MS-CHAPv2 (or others)
– Username + Challenge/Response (hash)
– Mutual authentication
http://www.shmoocon.org/2008/presentations/PEAP_Antoniewicz.pdf
http://www.willhackforsushi.com/?page_id=37
http://blog.opensecurityresearch.com/2011/09/freeradius-wpe-updated.html
https://github.com/brad-anton/freeradius-wpe
MS-CHAPv2 Cracking
• asleap (v2.1+) - Joshua Wright
– Cracks the challenge (-C) and response (-R)
• http://www.willhackforsushi.com/Asleap.html
– Dictionary attack (DES x 3)
• genkeys
– Precomputed MD4 hashes (indexed list of passwords)
• Indexed by the last two bytes of the MD4 hash (brute force)
– Challenge (8 bytes) & MD4 hash (16 bytes) ≈ Response (24 bytes)
• MS-CHAPv2 cloud cracking
– Defcon 20 (2012): Moxie Marlinspike & David Hulton
• https://www.cloudcracker.com/blog/2012/07/29/cracking-ms-chap-v2/
– Brute-force attack (2^56 ≈ DES)
– FPGA box: ~12-24 h
• www.cloudcracker.com & chapcrack (100% success rate = $200)
Strength of the user passphrase... not any more!
FreeRADIUS-WPE in Action
SANS SEC575 (FreeRADIUS) EAP Dumb-Down
• Multiple EAP types available
– Mobile devices seem to prefer PEAP (MS-CHAPv2) by default
• But in reality they use the preferred EAP method set by the RADIUS server
– GTC-PAP: logs credentials in cleartext
• Username and passphrase
• Additionally, it might allow automatic full Wi-Fi network impersonation (MitM)
Strength of the user passphrase is irrelevant
EAP Dumb-Down in Action
Mobile Devices Behavior Against FreeRADIUS-WPE & EAP Dumb-Down
• FreeRADIUS-WPE
– iOS: UI & configuration profile
– Android
– WP 7.x & 8
– BlackBerry 7.x
• EAP Dumb-Down
– iOS: UI & configuration profile
– Android
– WP 7.x & 8
– BlackBerry 7.x
"Why iOS (Android & others) Fail Inexplicably"
User credentials (not just the Wi-Fi secret): other corporate services?
Full MitM connectivity
Full Wi-Fi Network Impersonation For Fun & Profit by Example
Wi-Fi Network Impersonation Exploitation For Fun
http://www.ex-parrot.com/pete/upside-down-ternet.html
Wi-Fi Network Impersonation Exploitation For Profit - Goto Fail
• iOS update to 7.0.6 (Feb 21, 2014)
– 6.1.6 (iPhone 3GS & iPod Touch 4th gen)
– OS X 10.9 “Mavericks” (no patch)
• Lack of proper certificate validation
– DHE & ECDHE (CVE-2014-1266)
– https://www.imperialviolet.org:1266
– https://www.gotofail.com
https://www.imperialviolet.org/2014/02/22/applebug.html
Wi-Fi Clients Security Recommendations
Wi-Fi Clients Configuration Recommendations
• Turn off the Wi-Fi interface if not in use
• Do not configure Wi-Fi networks as hidden
• Do not add Wi-Fi networks manually to mobile devices (= hidden network)
• Manage & clean up the PNL periodically
– Individually and at the enterprise level (MDM)
• Wi-Fi policy: What type of networks…?
• Properly add Wi-Fi enterprise networks…
Wi-Fi Enterprise Recommendations (1/2)
• Wi-Fi supplicants must always…
– Trust only the specific CA used for the Wi-Fi network
• It is not a good idea to use the full list of publicly trusted CAs
• A private CA is a better option than a public CA, assuming an attacker cannot get a legitimate certificate from it
– Define the specific (set of) RADIUS server name(s) used (X.509 CN)
• Do not provide options to disable certificate validation
– Define and force the specific EAP type used
• Define the inner authentication method (e.g. MS-CHAPv2)
• Do not downgrade to other EAP types (EAP dumb-down)
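As an added example (not from the slides or from DinoSec), the same WPA2-Enterprise network written as a wpa_supplicant entry, first configured the way the slides warn against and then applying the recommendations above; the SSID, identity, CA file path and RADIUS server domain are assumed placeholders.

```conf
# WEAK (what FreeRADIUS-WPE and EAP dumb-down rely on): no CA is pinned, so any
# RADIUS server certificate is accepted; no server name check; inner method left
# to whatever the server proposes.
network={
    ssid="CorpWiFi"                 # placeholder
    key_mgmt=WPA-EAP
    eap=PEAP
    identity="jdoe"                 # placeholder
    password="<user password>"      # placeholder
}

# HARDENED: trust only the corporate CA, pin the RADIUS server name (X.509 CN/SAN),
# and force the EAP type and the inner method so the client cannot be dumbed down.
network={
    ssid="CorpWiFi"                 # placeholder
    key_mgmt=WPA-EAP
    proto=RSN                       # WPA2 only
    eap=PEAP                        # only PEAP is offered; other EAP types are refused
    identity="jdoe"                 # placeholder
    password="<user password>"      # placeholder
    ca_cert="/etc/wpa_supplicant/corp-radius-ca.pem"   # private CA, not the system bundle
    domain_suffix_match="radius.corp.example"          # the RADIUS server name(s) in use
    phase2="auth=MSCHAPV2"          # fixed inner authentication; no GTC/PAP fallback
}
```

With the hardened entry a rogue RADIUS server presenting any other certificate, or proposing GTC/PAP instead of MS-CHAPv2, is rejected before credentials leave the device.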
Wi-Fi Enterprise Recommendations (2/2)
• WPA2-Enterprise: Full Wi-Fi network validation
– Do not ask the user!
• Wi-Fi Enterprise is inherently “broken”
– How to add a new RADIUS server?
• Modify the config of all Wi-Fi clients in the organization
• User credentials strength
– Passphrase
• EAP/TLS: client digital certificates + PKI
• WIDS (evil-twin)
References
• Crypt4You: “Lección 4. Protección de comunicaciones en dispositivos móviles”
– http://www.criptored.upm.es/crypt4you/temas/privacidad-proteccion/leccion4/leccion4.html
• TASSI
– http://www.lpsi.eui.upm.es/GANLESI/GANLESI.htm
• DinoSec Lab – Publications
– http://www.dinosec.com/en/lab.html
• DinoSec Security Advisories
– http://blog.dinosec.com/p/security-advisories.html
“You think that’s air you’re breathing now?”
Morpheus to Neo during the scene when he was teaching him in the virtual dojo on board the ship The Nebuchadnezzar
Questions
www.dinosec.com
@dinosec
Raúl Siles
raul@dinosec.com
@raulsiles