Proxmark3 vs Ultralight C

There have been no secrets this week while I’ve been trying to add Mifare Ultralight C support to the Proxmark. Ultralight C cards are HF (13.56MHz) tags that are part of the Mifare family. This week has been an interesting learning process, and it has corrected some misconceptions I had about the card. For those interested, you can follow my progress at http://www.proxmark.org/forum/viewtopic.php?id=1946. But I will summarise my findings below: Ultralight C…

Security Tips for 2014

Based on the number of different types of attack over the previous year (2013), Pentura thought they would release a small list of possible actions and supporting programs/tools that can be used to secure your assets in 2014. Back up your data. (OSX – Time Machine, Windows – Acronis Backup Software, Linux – many solutions) Don’t use public WiFi access points without a VPN (e.g. Cloak, OpenVPN to a home server) Configure…

ATM In-Security in 2013 | ATM Security Flaws & Vulnerabilities

Introduction: With the recent SecTor security conference in Toronto, Canada, once again ATM security flaws have risen to the top of the agenda. ATM flaws have become widespread knowledge since Barnaby Jack showed off his ‘Jackpotting’ attack. ATM flaws have once again become a hot topic since the late Barnaby’s demise two weeks prior to this year’s Black Hat conference (USA 2013), where he was going to present about pacemaker flaws. Barnaby…

Creating Your Own Certificate Authority | InteliSecure

Background: Being a pentester, I often have to tackle the issue of self-signed certificates on the internal network. All our automated tools (Nessus, Nexpose, OpenVAS) flag several SSL issues related to untrusted certificates, weak ciphers, weak hashing algorithms and self-signed certificates. The usual advice is to disable weak ciphers, and to re-issue and re-sign the certificates. The big question from customers is “But why should we purchase certificates for servers…

USB Rubber Ducky – Part 3: Crypto Duck

Background: The USB Rubber Ducky is an extremely powerful and versatile device. Sadly, the potential is missed, and this is probably due to its high price tag (from an initial small development production run). Since its release in mid-late 2011, the Ducky has grown in popularity and the Hak5 Team have more than doubled their production run, meaning costs have been slashed in half. Potentially with enough interest and investment the…

The Return of USB “Auto-Run” Attacks

Background: USB Autorun attacks became the rage back in 2005. Hak5 created a project to increase awareness of this security issue called USB-Hacksaw, originally a U3 device that would auto-run a series of programs. This could be used for general system administration tasks, or for potentially malicious tasks, such as installing back-doors and running password collection programs. Shortly afterwards, vendors like Microsoft started to remove Auto-run capabilities to prevent more serious malware…