243 items tagged "protocol"
-
-
16:00
»
SecuriTeam
TLS protocol is prone to an information-disclosure vulnerability.
-
-
9:22
»
Packet Storm Security Recent Files
Netzob supports the expert in reverse engineering, evaluation, and simulation of communication protocols. Its main goals are to help security evaluators to assess the robustness of proprietary or unknown protocol implementations, simulate realistic communications to test third-party products (IDS, firewalls, etc.), and create an Open Source implementation of a proprietary or unknown protocol. Netzob provides a semi-automatic inferring process, and includes everything necessary to passively learn the vocabulary of a protocol and actively infer its grammar. The learnt protocol can afterward be simulated. Netzob handles text protocols (like HTTP and IRC), fixed field protocols (like IP and TCP), and variable field protocols (like ASN.1-based formats).
-
8:01
»
Hack a Day
[Ladyada] and [pt] had an old keyboard from NeXT, but since it used a custom protocol it wasn’t usable with modern hardware. So they built a custom device to convert the NeXT protocol to USB. The device uses an Arduino Micro to read data from the keyboard and communicate as a HID device over USB. It [...]
-
-
14:47
»
Hack a Day
[Jim] used a logic analyzer to do some in-depth analysis of the Syma 107G helicopter’s IR protocol. We’ve seen work to reverse engineer this protocol in the past, but [Jim] has improved upon it. Instead of reading the IR output of the controller, [Jim] connected a Saleae Logic directly to the controller’s circuitry. This allowed him [...]
-
-
5:00
»
Hack a Day
When you don’t want to use I2C or SPI, and MIDI and DMX are old hat, [Scott] comes along and invents a very strange networking protocol that is just daisy chaining a few Arduinos together with serial connections. Strange as it may seem, this networking protocol actually makes a whole lot of sense. [Scott] is [...]
-
-
21:30
»
SecDocs
Authors: Andreas Jungmaier
Tags: network
Event: Chaos Communication Congress 19th (19C3) 2002
Abstract: The SCTP (Stream Control Transmission Protocol) is a new reliable transfer protocol standardized by the Internet Engineering Task Force (IETF) in the documents [1], [2] and [3]. It was primarily developed by the SIGTRAN group to provide a mechanism for transporting currently circuit switched telephony signaling (SS7) data over packet switched networks. Designed to overcome some deficiencies of TCP, its main benefits are a more flexible, message oriented data delivery to its user, and inherent support for multi-homing. As such, it is not only a transport protocol for delivery of SS7 signaling data over IP networks, as originally intended. Much rather, it is a general purpose transport protocol, suitable for any kind of message oriented traffic (e.g. Internet file transfer, SCSI over IP, SIP, HTTP, etc.), and thus a successor to TCP. Together with enhancements to the core protocol (as per [4] and [5]), features for mobility of SCTP endpoints and multimedia transmissions can be added to SCTP implementations. So far, major operating systems vendors started integrating SCTP into their protocol stacks, among these Linux, FreeBSD, Solaris, HP-UX, IBM AIX, Cisco IOS, and many more. This presentation will be about the features of the core protocol, and explain the protocol enhancements for transport layer mobility and partial reliability. Security solutions using IPSec or TLS [6] will also be covered.
-
-
18:28
»
Packet Storm Security Recent Files
In this paper the authors uncover and demonstrate a novel and interesting way to convert local bugs and features into remotely exploitable security vulnerabilities by using the well known Steam3 platform as an attack vector against remote systems.
-
-
14:23
»
Packet Storm Security Recent Files
The Open Data Protocol (OData) is an open web based RESTful protocol for querying and updating data. This paper discusses OData penetration testing methodology and techniques.
-
-
10:34
»
SecDocs
Authors: Nils Magnus
Tags: SAP
Event: Chaos Communication Congress 21st (21C3) 2004
Abstract: Most hackers perceive SAP R/3 installations as enormous data graves with limited hack value because of its immense size and doubtful design. However, there are usually lots of company relevant data. As it is good and common practise, the more valuable the data, the less it is protected. SAP installations usually comprise a database and an application server on the backend. There are numerous schemes well-known to both attack and protect these servers. The user's end is often much less protected, though. User clients (the infamous sapguis) talk with a sparsely documented protocol sometimes called DIAG. In the past SAP claimed DIAG is "encrypted"; more recently the vendor admitted it is only "obscured" but did not publish any details. This makes every hacker suspicious. During this session we will have a look into the nitty gritty details of the protocol from an outsider's point of view. We will present tools and techniques to extract useful information out of packets and data streams, and look at the actual data. However, since the protocol has not been completely reverse engineered, the session is a kind of workshop where we try to find out more details about the protocol. The session is directed to professional network hackers who are aware of extracting and visualizing data from the network. We are looking for experts in the field of shared libraries, Java decompiling and PK* compression methods as these technologies play a role in the scenario. We will provide a demo installation of both client and server installations of SAP R/3 based on Linux.
-
-
21:49
»
SecDocs
Authors: Eff D. Zero
Tags: XMPP
Event: Chaos Communication Congress 21st (21C3) 2004
Abstract: XMPP is a free, next-generation, feature rich instant messaging architecture and protocol, which perhaps can put an end to the great IM war between proprietary protocols. This talk introduces the basic protocol concepts (bidirectional XML streams, transports/gateways to other IM-networks), the general XMPP network architecture and features like GPG end-to-end encryption will be demonstrated. In 1998 Jeremie Miller thought about how he could communicate with all of his friends online using only one program for several different Instant Messaging networks. He came to the conclusion that it is wise to implement the different protocols on the server and let the client only speak one protocol. Jabber was born. Later the Jabber Software Foundation donated this protocol to the IETF and in 2002, a working group was founded which led to the release of XMPP/Jabber as an RFC in October 2004. XMPP features a clean and simple protocol design and a decentralized server architecture. It can not only be used for exchanging messages and presence information, but also as a generic XML routing framework for transporting nearly real-time information like SOAP or XMLRPC. The only requirement to understand this talk is a bit of knowledge about what XML looks like and how it works.
-
-
21:40
»
SecDocs
Tags: IPv6
Event: Chaos Communication Congress 22nd (22C3) 2005
Abstract: After a short introduction on the differences of IPv4 to IPv6, the weaknesses in IPv6 will be shown. Highlight of the talk is the presentation of the THC-IPV6 Attack Toolkit, which includes all IPv6 attacks as well as a low level packet library for easily crafting packets. IPv6 is arriving slowly in Europe, but is an important topic in Japan and South Korea, as IPv4 addresses are scarce. IPv6 will change the issues of security and hacking by a large degree. This speech will give a short introduction on the protocol differences, then show the vulnerabilities in the protocols and finally present the THC-IPV6 Attack Toolkit which includes the tools for all vulnerabilities shown, as well as a very easy packet crafting library.
-
-
5:00
»
Hack a Day
Instead of rock-hard bubble gum that loses its flavor after 2 minutes, this gumball machine delivers apps and games directly to your smartphone. The communications protocol used by this app-delivering gumball machine isn’t Bluetooth or WiFi but near field communication. This protocol allows for a point-to-point network between the app dispenser and a phone to deliver games, [...]
-
-
21:45
»
SecDocs
Authors: Immanuel Scholz
Tags: cryptography
Event: Chaos Communication Congress 24th (24C3) 2007
Abstract: Imi gives an introduction into the idea behind DC networks, how and why they work. With demonstration! Back in 1988, David Chaum proposed a protocol for perfect untraceable communication. And it was completely different to the (formerly invented) Mix Cascades. While the Mixes got all the press (heard of "Tor" and "JAP"? Told you!), the idea of DC networks was silently ignored by the majority of the community. This talk is to show how DC networks work, why they are secure and presents an implementation.
-
-
21:34
»
SecDocs
Authors: Bernd R. Fix, Marc-André Beck
Tags: sniffer smart card
Event: Chaos Communication Congress 24th (24C3) 2007
Abstract: This talk will introduce you to the theoretical and practical issues involved in cloning/simulating existing smartcards. It is based on the lessons learned from cloning the Postcard (Swiss debit card) issued by PostFinance. After a brief introduction into the syntax of smartcard protocols (basically ISO 7816-4), the talk will demonstrate techniques to capture the communication between a smartcard and a terminal with the help of a Javacard-based logger cardlet. The gathered information (the semantics of the protocol) can then be used for cloning the smartcard under investigation.
-
-
18:55
»
Packet Storm Security Recent Files
Netzob supports the expert in reverse engineering, evaluation, and simulation of communication protocols. Its main goals are to help security evaluators to assess the robustness of proprietary or unknown protocol implementations, simulate realistic communications to test third-party products (IDS, firewalls, etc.), and create an Open Source implementation of a proprietary or unknown protocol. Netzob provides a semi-automatic inferring process, and includes everything necessary to passively learn the vocabulary of a protocol and actively infer its grammar. The learnt protocol can afterward be simulated. Netzob handles text protocols (like HTTP and IRC), fixed field protocols (like IP and TCP), and variable field protocols (like ASN.1-based formats).
-
-
19:04
»
Packet Storm Security Misc. Files
Netzob supports the expert in reverse engineering, evaluation, and simulation of communication protocols. Its main goals are to help security evaluators to assess the robustness of proprietary or unknown protocol implementations, simulate realistic communications to test third-party products (IDS, firewalls, etc.), and create an Open Source implementation of a proprietary or unknown protocol. Netzob provides a semi-automatic inferring process, and includes everything necessary to passively learn the vocabulary of a protocol and actively infer its grammar. The learnt protocol can afterward be simulated. Netzob handles text protocols (like HTTP and IRC), fixed field protocols (like IP and TCP), and variable field protocols (like ASN.1-based formats).
-
-
21:36
»
SecDocs
Authors: Harald Welte, Steve Markgraf
Tags: GSM phone
Event: Chaos Communication Congress 27th (27C3) 2010
Abstract: In recent years, we have seen several Free Software projects implementing the network side of the GSM protocol. In 2010, OsmocomBB was started to create a free software implementation of the telephone-side. The OsmocomBB project is a Free Software implementation of the GSM protocol stack running on a mobile phone. For decades, the cellular industry, comprised of cellphone chipset makers and network operators, has kept its hardware and system-level software as well as GSM protocol stack implementations closed. As a result, it was never possible to send arbitrary data at the lower levels of the GSM protocol stack. Existing phones only allow application-level data to be specified, such as SMS messages, IP over GPRS or circuit-switched data (CSD). Using OsmocomBB, the security researcher finally has a tool equivalent to an Ethernet card in the TCP/IP protocol world: A simple transceiver that will send arbitrary protocol messages to a GSM network.
-
-
21:27
»
SecDocs
Authors: Marc Heuse
Tags: IPv6
Event: Chaos Communication Congress 27th (27C3) 2010
Abstract: New protocol features have been proposed and implemented in the last 5 years and ISPs are now slowly starting to deploy IPv6. This talk starts with a brief summary of the issues presented five years ago, and then expands on the new risks. Discovered implementation security issues in Windows 7/2008, Linux and Cisco will be shown too. Comes with a GPL'ed toolkit: thc-ipv6. Five years have passed since my initial talk on IPv6 insecurities at the CCC Congress. New protocol features have been proposed and implemented since then and ISPs are now slowly starting to deploy IPv6. Few changes have led to a better security of the protocol, several increase the risk instead. This talk starts with a brief summary of the issues presented 5 years ago, and then expands on the new risks especially in multicast scenarios. As an add-on, discovered implementation security issues in Windows 7/2008, Linux and Cisco will be shown too. Let's hope patches are out until the conference, if not - they had enough time. All accompanied with GPL'ed tools to and a library: the new thc-ipv6 package. Rewritten, expanded, enhanced.
-
-
12:00
»
SecDocs
Authors: Wes Faler
Tags: network
Event: Chaos Communication Congress 28th (28C3) 2011
Abstract: Even after years of committee review, communication protocols can certainly be hacked, sometimes highly entertainingly. What about creating a protocol the opposite way? Start with all the hacks that can be done and search for a protocol that gets around them all. Is it even possible? Part Time Scientists has used a GPU to help design our moon mission protocols and we'll show you the what and how. Danger: Real code will be shown!
-
-
21:44
»
SecDocs
Authors: Sylvain Munaut
Tags: GSM phone satellite
Event: Chaos Communication Congress 28th (28C3) 2011
Abstract: The latest member of the Osmocom-family projects, osmo-gmr focuses on the GMR-1 (GEO Mobile Radio) air interface used in some satellite phones. This talk will shortly present the GMR protocol, the Thuraya network that uses this protocol in the Eurasian/African and Australian continents and finally details how you can capture samples and process them for analysis using osmo-gmr.
-
-
21:32
»
SecDocs
Authors:
Harald Welte Tags:
GSM phone Event:
Chaos Communication Congress 28th (28C3) 2011 Abstract: Almost everyone uses the packet oriented transmission modes of cellular networks. However, unlike TCP/IP, Ethernet and Wifi, not many members of the hacker community are familiar with the actual protocol stack for those services. This talk is aimed to give an in-depth explanation how the lower layer protocols on the air and wired interfaces for packet data services in cellular networks are structured. For 2.5/2.75G, this includes RLC/MAC, NS, BSSGP, LLC, SNDCP, GTP. For 3G/3.5G, this includes RRC, RLC, PDCP, NBAP, RANAP.
-
-
22:52
»
SecDocs
Authors:
Drew Fisher Tags:
reverse engineering USB Event:
Chaos Communication Congress 28th (28C3) 2011 Abstract: While USB devices often use standard device classes, some do not. This talk is about reverse engineering the protocols some of these devices use, how the underlying USB protocol gives us some help, and some interesting patterns to look for. I'll also detail the thought processes that went into reverse engineering the Kinect's audio protocol. This talk will narrate the process of reverse engineering the Kinect audio protocol – analyzing a set of USB logs, finding patterns, building understanding, developing hypotheses of message structure, and eventually implementing a userspace driver. I'll also cover how the USB standard can help a reverse engineer out, some common design ideas that I've seen, and ideas for the sorts of tools that could assist in completing this kind of task more efficiently.
-
-
13:01
»
Hack a Day
Here’s one node on the new home automation system on which [Black Rynius] is working. So far he’s testing out the system with just two nodes, but plans to build more as the project progresses. He’s chosen to use the CAN bus for communications; a protocol which is most commonly found in automotive applications. The biggest plus [...]
-
-
11:01
»
Hack a Day
[Arpad] has spent quite a bit of time reverse-engineering a home automation system, and, as he is quick to point out, presents the information learned for informational purposes only. He’s really done his homework (and documented it well), looking into the US patent application, and figuring out how the protocol works. If you’re wondering how [...]
-
-
3:11
»
Packet Storm Security Exploits
Proof of concept code for a vulnerability in protocol.c from Apache versions 2.2.x through 2.2.21. The issue is that it does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of HTTPOnly cookies.
-
-
11:56
»
Hack a Day
[Mark VandeWettering] was experimenting with a simple transmitting circuit and an Arduino. The circuit in the project was designed by [Steve Weber] to broadcast temperature and telemetry data using Morse Code. But [Mark] wanted to step beyond that protocol and set out to write a sketch that broadcasts using the Hellschreiber protocol. This protocol transmits [...]
-
-
16:57
»
Packet Storm Security Advisories
Red Hat Security Advisory 2011-1821-01 - Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. An input sanitization flaw was found in the way the AOL Open System for Communication in Realtime protocol plug-in in Pidgin, used by the AOL ICQ and AIM instant messaging systems, escaped certain UTF-8 characters. A remote attacker could use this flaw to crash Pidgin via a specially-crafted OSCAR message. Multiple NULL pointer dereference flaws were found in the Jingle extension of the Extensible Messaging and Presence Protocol protocol plug-in in Pidgin. A remote attacker could use these flaws to crash Pidgin via a specially-crafted Jingle multimedia message.
-
-
15:24
»
Packet Storm Security Advisories
Mandriva Linux Security Advisory 2011-183 - When receiving various stanzas related to voice and video chat, the XMPP protocol plugin failed to ensure that the incoming message contained all required fields, and would crash if certain fields were missing. When receiving various messages related to requesting or receiving authorization for adding a buddy to a buddy list, the oscar protocol plugin failed to validate that a piece of text was UTF-8. In some cases invalid UTF-8 data would lead to a crash. When receiving various incoming messages, the SILC protocol plugin failed to validate that a piece of text was UTF-8. In some cases invalid UTF-8 data would lead to a crash. This update provides pidgin 2.10.1, which is not vulnerable to these issues.
-
-
13:01
»
Hack a Day
You’ve got several devices which communicate via the I2C protocol, but some of them can only operate at 3.3V while the rest are hungry for a 5V connection. What to do? [Linux-works] built this I2C level converter to solve the problem. The circuit comes from an NXP app note (PDF) on the issue. You can [...]
-
-
12:01
»
Hack a Day
[Blaise Jarrett] has been grinding away to get the WebSocket protocol to play nicely with PIC microcontrollers. Here he’s using the PIC 18F4620 along with a Roving Networks RN-XV WiFi module to get the device on the network. He had started with a smaller processor but ran into some RAM restrictions so keep that in [...]
-
-
11:52
»
SecDocs
Authors:
Brad Hill Rachel Engel Scott Stender Tags:
Kerberos Event:
Black Hat USA 2010 Abstract: The Kerberos protocol provides single sign-on authentication services for users and machines. Its availability on nearly every popular computing platform - Windows, Mac, and UNIX variants - makes it the primary choice for enterprise authentication. However, simply "adding a dash of Kerberos" does not make a magically secure network. Kerberos is a complicated protocol whose comprehensive description requires dozens of RFCs. To use it securely requires a careful dance between protocol designers, service developers, and system administrators – the kind of dance that never quite stays in step. A careful review of RFCs, deployment guidance, and developer reference materials reveals a host of “theoretical” flaws when Kerberos is used. This presentation will demonstrate new techniques that make the theoretical practical in common Kerberos deployments, and provide guidance to ensure that software and systems are hardened against attack.
-
-
6:00
»
Hack a Day
After [trandi] got his hands on a cheap R/C helicopter he realized the difficulties in actually flying a remote control helicopter. Instead of giving up, he decided to reverse-engineer the infrared protocol and then build a decoder around an ATtiny that would send commands to another microcontroller using a serial connection. The remote’s communications protocol [...]
-
-
0:24
»
SecDocs
Authors:
Harald Welte Tags:
GSM Event:
Hashdays 2010 Abstract: The OsmocomBB project is a Free Software implementation of the GSM protocol stack running on a mobile phone. For decades, the cellular industry, comprising cellphone chipset makers and network operators, has kept its hardware and system-level software as well as GSM protocol stack implementations closed. As a result, it was never possible to send arbitrary data at the lower levels of the GSM protocol stack. Existing phones only allow application-level data to be specified, such as SMS messages, IP over GPRS or circuit-switched data (CSD). Using OsmocomBB, the security researcher finally has a tool equivalent to an Ethernet card in the TCP/IP protocol world: A simple transceiver that will send arbitrary protocol messages to a GSM network. Well-known and established techniques like protocol fuzzing can finally be used in GSM networks and reveal how reliable and fault tolerant the equipment used in the GSM networks really is.
-
-
12:30
»
Hack a Day
[Scott Harden] is drilling teeth by day and designing radios that send secret messages by night. He’s set his sights on the Hellschreiber protocol which was used by the Germans in World War II along with their Enigma encryption system. The protocol is a viable alternative for transmitting and receiving code in environments with too much [...]
-
-
6:22
»
Packet Storm Security Recent Files
ZRTP Protocol Library is an implementation of Phil Zimmermann's ZRTP protocol, created based on and interoperable with Zfone beta 2. Combined with the GNU RTP Stack (ccrtp), this offers the ability to create communication services that natively support the ZRTP protocol.
-
-
18:47
»
Packet Storm Security Advisories
Fetchmail suffers from a denial of service vulnerability in the STARTTLS protocol phases. Versions 5.9.9 up to and including 6.3.19 are affected.
-
-
5:09
»
SecDocs
Authors:
Kyle Yang Tags:
malware malware analysis Event:
Black Hat EU 2010 Abstract: After several months' efforts, the pushdo/cutwail botnet author(s) finally released a new pushdo advanced installer (codename "revolution") which not only changed the protocol and encryption totally but also implemented a "Services" mechanism. Moreover, a new spam engine was in the experimental phase. In this presentation, I will examine pushdo's brand new protocol and encryption, reveal their "Cyber Crime Services" vendors mapping and disclose the debug version of the new spam engine's protocol and encryption.
-
-
12:52
»
SecuriTeam
Skinny Client Control Protocol (SCCP) crafted messages may cause a Cisco IOS device that is configured with the Network Address Translation (NAT) SCCP Fragmentation Support feature to reload.
-
-
10:01
»
Packet Storm Security Recent Files
Cisco Security Advisory - Multiple vulnerabilities exist in the Cisco PGW 2200 Softswitch series of products. Each vulnerability described in this advisory is independent of the others. The vulnerabilities are related to processing Session Initiation Protocol (SIP) or Media Gateway Control Protocol (MGCP) messages. Successful exploitation of all but one of these vulnerabilities can crash the affected device. Exploitation of the remaining vulnerability will not crash the affected device, but it can lead to a denial-of-service (DoS) condition in which no new TCP-based connections will be accepted or created.
-
-
13:58
»
Packet Storm Security Recent Files
Mandriva Linux Security Advisory 2010-085 - The OSCAR protocol plugin in libpurple in Pidgin before 2.6.3 and Adium before 1.3.7 allows remote attackers to cause a denial of service (application crash) via crafted contact-list data for ICQ and possibly AIM, as demonstrated by the SIM IM client. Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote attackers to read arbitrary files via a .. (dot dot) in an application/x-msnmsgrp2p MSN emoticon (aka custom smiley) request, a related issue to CVE-2004-0122. Other issues have also been identified.
-
-
10:06
»
remote-exploit & backtrack
Hi BT users,
I am doing an experiment in which I am trying to get an energy-saving protocol in the 802.11 MAC layer.
I am using Orinoco cards in ad-hoc mode and 2 computers with Ubuntu 8.10.
I am planning to switch over to BT4 as I need to dump the packets and then analyse them for throughput etc.
I am using tcpdump/Wireshark for this.
Next stage, I am going to fix the power of both the cards and vary the distances and analyse the loss in packets.
Can someone recommend me utilities specifically in BT4?
Lastly, I am planning to make one node as master and inject the protocol using some utility. Please recommend me utilities to achieve my experiment.
Thanks in advance.
-
-
14:00
»
Packet Storm Security Recent Files
Cisco Security Advisory - Cisco Unified Communications Manager (formerly Cisco CallManager) contains multiple denial of service (DoS) vulnerabilities that if exploited could cause an interruption of voice services. The Session Initiation Protocol (SIP), Skinny Client Control Protocol (SCCP) and Computer Telephony Integration (CTI) Manager services are affected by these vulnerabilities.
-
-
19:00
»
Packet Storm Security Recent Files
Cisco Security Advisory - Cisco ASA 5500 Series Adaptive Security Appliances are affected by TCP connection exhaustion, Session Initiation Protocol (SIP) Inspection, Skinny Client Control Protocol (SCCP) Inspection, and other denial of service vulnerabilities.
-
-
11:00
»
Hack a Day
The headphone remote for the third generation iPod shuffle has a special chip that identifies it to the iPod itself. [David Carne] posted an in-depth report about the process he used to reverse engineer that protocol. He’s discovered that the remote uses a peculiar signal to identify it as authentic when the device powers up. [...]
-
-
17:00
»
Packet Storm Security Advisories
Aruba Networks Security Advisory - This advisory addresses the renegotiation related vulnerability disclosed recently in Transport Layer Security protocol. This vulnerability may allow a Man-in-the-Middle (MITM) attacker to inject arbitrary data into the beginning of the application protocol stream protected by TLS.
-
-
21:10
»
SecDocs
Authors:
Harald Welte Tags:
GSM fuzzing phone Event:
Chaos Communication Congress 26th (26C3) 2009 Abstract: With the recent availability of more Free Software for GSM protocols such as OpenBSC, GSM protocol hacking is no longer off-limits. Everyone can play with the lower levels of GSM communications. It's time to bring the decades of TCP/IP security research into the GSM world, sending packets incompatible with the state machine, sending wrong length fields and actually go all the way to fuzz the various layers of the GSM protocol stack. The GSM protocol stack is a communications protocol stack like any other. There are many layers of protocols, headers, TLVs, length fields that can "accidentally" be longer or shorter than the actual content. There are timers and state machines. Wrong messages can trigger invalid state transitions. This protocol stack inside the telephone is implemented in C language on the baseband processor on a real-time operating system without any memory protection. There are only very few commercial GSM protocol stack implementations, which are licensed by the baseband chipset companies. Thus, vulnerabilities discovered in one phone will likely exist in many other phones, even of completely different handset manufacturers. Does that sound like the preamble to a security nightmare? It might well be! Those protocol stacks never have received the scrutiny of thousands of hackers and attack tools like the TCP/IP protocol suite on the Internet. It's about time we change that.
-
-
21:04
»
SecDocs
Authors:
Steven J. Murdoch Tags:
credit card bank Event:
Chaos Communication Congress 26th (26C3) 2009 Abstract: The Chip Authentication Programme (CAP) has been introduced by banks in Europe to deal with the soaring losses due to online banking fraud. A handheld reader is used together with the customer's debit card to generate one-time codes for both login and transaction authentication. The CAP protocol is not public, and was rolled out without any public scrutiny. We reverse engineered the UK variant of card readers and smart cards and here provide the first public description of the protocol. We found numerous design errors, which could be exploited by criminals. Banks throughout Europe are now issuing hand-held smart card readers to their customers. These are used, along with the customer's bank card, for performing online banking transactions. In this talk I will describe how we reverse-engineered the cryptographic protocol used by these readers, using some custom-designed smart card analysis hardware. We discovered several flaws in this protocol, which could be exploited by criminals (and some already are). This talk will explain what vulnerabilities exist, and what the impact on customers could be.