DeepSec2016 Talk: Cover Your SaaS: Protecting Your Cloud With Analytics and Machine Learning – Ian Thornton-Trump

Some people call military intelligence an oxymoron. This usually happens when something goes wrong. It might be due to sloppy reconnaissance, operations, or simply bad luck. While it’s always good to have someone or something to blame, things are not so easy in modern „cyberspace“. Improving your security means to have something to base this improvement on. Despite the fact that being lucky is never a bad choice, the selection of your defences and the assessment of the threats you are facing need to be based on something more solid. IT departments have been mining logs and other kind of raw materials that produce metrics for decades. Every once in a while there is a new trend. Now that we can store enormous amounts of data and can access it, we have a lot more options. Ian Trump will tell you about his approach at DeepSec 2016:

COVER YOUR SAAS – Protecting Your Cloud with Analytics and Machine Learning

The more intelligence you have, the greater the chance you can find your bad guy. Having spent many years working in military intelligence and law enforcement, Ian Trump, Global Security Lead for SolarWinds MSP, will welcome you to a new world of cyber security, where machine learning and big data solutions can help you find bad guys to protect your business from harm – although justice may be elusive. Just as thousands of troops close to a countries border are disconcerting to the citizens and national leaders, identifying hostile actors inside a network is equally so. How does machine learning and big data combine to provide awareness of the threats and intentions of a hostile cyber actor? Ian will reveal how SolarWinds MSP’s capabilities are advancing the security where it really counts, in the small and medium enterprises which are on the front line of cyber crime. Sharing his knowledge of Advanced Persistence Threats, cyber-criminal and foreign intelligence service capabilities, Ian will talk about how SolarWinds MSP is working with partners world-wide to save the internet from the bad guys through machine learning and big data analysis.

True, small and medium businesses are a good target. They are often used as a stepping stone in larger operations. Web sites and internal clients get compromised just to serve as a computing platform with network access. It’s just another hop in the scheme of attackers. Time to address the deficiencies and fix them. Make defence great again!

ian-thornton-trumpIan Trump, CD, CEH, CPM, BA is an ITIL certified IT consultant with 20 years of experience in IT security and information technology. From 1989 to 1992, Ian served with the Canadian Forces (CF), Military Intelligence Branch; in 2002, he joined the CF Military Police Reserves and retired as a Public Affairs Officer in 2013. Ian previously managed IT projects at the Canadian Museum of Human Rights and is currently Global Security Lead at SolarWinds MSP working across the business to define, create and execute security solutions and promote a safe, secure Internet for Small & Medium Businesses world-wide.

DeepSec 2016 Talk: Fuzzing Remote Interfaces for System Services in Android – Alexandru Blanda

When in doubt, go for the core. This statement is true for most Star Wars films. It is also valid for any kind of security research. Modern software has a ton of dependencies, metric or otherwise. In addition most platforms provide a set of basic components accessible by API. The wheel has been invented already. So if you look for weaknesses, addressing these fundamentals is a good idea. Why start at the outer shell, when you can directly go to the foundation of the walls. Siege warfare used to be like that. What happens when you combine the technique of fuzzing with accessible interfaces will be explained by Alexandru Blanda in his presentation at DeepSec 2016.

System services represent one of the core components in Android, implementing many fundamental Android features such as media playback, graphics or network connectivity. The fact that the large majority of system services exposes a remote interface that can be called by other unprivileged applications or services makes them an excellent attack vector. From a system security perspective this makes even more sense since most of the components and processes executed behind each system service run with high or increased privileges. During the presentation the audience will learn about a fuzzing approach that can be used for testing system services in Android. In-depth information will be provided about the implementation of the tools developed to accomplish this task and examples of actual vulnerabilities that were discovered in the latest versions of Android.

This talk is not only for penetration testers. Software developers are encouraged to attend as well. Security professionals should take a look, too. The method is not tied to the Android system. You can extend/transfer the approach discussed by Alexandru to any other system. Most have system services exposed to user space software. What else do you need?


Alexandru Blanda is a software security engineer, part of the Open Source Technology Center at Intel Corporation. He is currently working on projects related to the overall security of the Android OS, mainly focusing on methods to improve the efficiency of fuzzing techniques inside this environment and discovering ways to uncover vulnerabilities inside different components of the operating system.

DeepSec 2016 Talk: Malicious Hypervisor Threat – Phase Two: How to Catch the Hypervisor – Mikhail A. Utin

The blue/red pill analogy has been used a lot when it comes to hypervisor security and virtualisation. While there are reliable ways to determine if your code runs in a hypervisor or not, the underlying problem still persists. How do you know if the platform your code runs on watches every single move, i.e. instruction or data? Given the discussion of backdoors in hardware, this threat is real. Mikhail Utin discussed his findings at DeepSec 2014. He discovered manipulation of the BIOS in certain server systems. The hardware was probably affected, too. Two years later he presents his research covering the detection of malicious hypervisors in parts of your infrastructure where they should not be.

Utilizing the definition of vulnerability as “inability to resist a threat” we want to update our consideration of three vulnerabilities analyzed in our 2014 DeepSec presentation about “technology inflicted vulnerabilities”. These vulnerabilities are caused by missing security components while designing virtualization technology (VT) support and IPMI. We would like to share our experience while discussing the vulnerabilities and combined threats in question.

We believe that at least one Malicious Hypervisor exits and is possibly in use. And what’s more, we cannot control the underground exploitation of software development. An MH attack may happen any time.The first level of addressing the Malicious Hypervisor threat is its discovery. Various ideas we analyzed did not deliver the quality and speed necessary for its identification. Thus we developed our own methods and software and would like to present to the audience some of our findings and results. We hope that it will encourage the security community to continue our joint efforts to address virtualisation and IPMI threats.

Make no mistake, the threat is real. This is not an academic attack. It has been found in the wild, and it is being used as of now. The research around this attack vector is quite new. You are welcome to contribute and discuss Mikhail’s results. DeepSec is also interested in hearing more about compromised infrastructure, hard-to-explain anomalies, and stealthy methods. We recommend this talk to anyone relying on computing infrastructure for any reasons.


Mikhail A. Utin completed his basic engineering education in 1975 in Computer Science and Electrical Engineering. His career in Russia included working for several research and engineering organizations. Doctorate / PhD in Computer Science (1988) from the then called Academy of Science of the USSR. In 1988 he founded and until 1990 leaded an information technology company and successfully worked in the emerging private sector of Russia. Mikhail held several USSR patents and published numerous articles.

He migrated to the US with his family in 1990 to escape from political turmoil, hoping to continue his professional career. In the US he worked for numerous companies and organizations in information technology and information security fields including contract work for the US government DoN and DoT. Together with colleagues Mikhail formed the private company Rubos, Inc. for IT security consulting and research in 1998 and worked as a (ISC)2 certified professional for 9 years. He published articles on the Internet and in professional journals, and is a reviewer of articles submitted to the (ISC)2 Information Security Journal: A Global Perspective.
His current research focuses on information security governance, regulations and management, and the relationship between regulations, technology, business activities and businesses’ security status. Most of his research is pioneering work and an exploration of complex security problems outside of information securitys mainstream or on problems considered impossible to resolve.

DeepSec2016 Workshop: Secure Web Development – Marcus Niemietz

The World Wide Web is everywhere. It has become the standard protocol for transferring data, accessing applications, configuring devices, controlling software, or even multimedia streaming. Most software development can’t be done without web applications. Despite the easy concept the technologies used in „HTTP/HTTPS“ have grown in very complex beasts. Few get it right, lots of developers make mistakes and end up at the wrong side of a security presentation at a conference. Fortunately there is help. We offer you a workshop at DeepSec 2016 to make your web software development great again!

The “Secure Web Development” training by Marcus Niemietz systematically covers the OWASP Top 10 threats as well as threats, which may be important in the future (e.g. HTML5 and AngularJS attacks). At the end of the training each attendee will be able to create her/his own check-list for avoiding security vulnerabilities.

On day one, Marcus is focusing on topics like Social Engineering, Logical Flaws, Cross-Site Request Forgery, and Cross-Site Scripting. As one of the authors of the attack technique called “Scriptless Attacks” Marcus will show you how to attack applications without even using scripts. Furthermore, Marcus will show you his newest research regarding the Same-Origin Policy; this includes at least one unpublished vulnerability in IE/Edge.

On day two, Marcus will introduce you to his favourite topic: UI redressing aka.clickjacking. After that you will learn attack and defense techniques from the server-side perspective: RCE, SQLi, and file inclusions. To sum it all up the day ends with a self-created security requirement.

This is what you can expect on the first day: Basic knowledge (HTTP, HTML, CSS, XML, and DOM), Social Engineering and Information Disclosure, Logical Flaws,  Same-Origin Policy, Cross-Site Request Forgery, Cross-Site Scripting (Reflective XSS, Stored XSS, DOM-based XSS, Self XSS, Mutation-based XSS), Session Hijacking and Session Fixation.

The second day will be all about: UI Redressing and Clickjacking, File Inclusions and Path Traversal, Remote Command and Code Execution, SQL Injections, Secure Coding, Security Requirements

The training includes approximately 60% of instructions and 40% of exercises (discussions, hands-on). You should definitely attend if you are a web developer. Depending on the level of knowledge, this workshop might also be interesting for penetration testers and security researchers (especially day 2!). You should know the basics about HTML, JavaScript, and SQL. Every participant needs an Internet connection and a laptop with Firefox. You will learn a lot – we promise!


marcus_niemietzMarcus Niemietz is the co-founder of Hackmanit and security researcher at the Ruhr-University Bochum in Germany. He is focusing on Web security related topics like HTML, JavaScript, and especially UI redressing. For security experts and web developers, Marcus Niemietz has published a book about the important OWASP topic UI redressing. Beside that he works as a security consultancy and gives OWASP security trainings for well-known companies. Marcus Niemietz has spoken on a large variety of international conferences (incl. Microsoft’s Blue Hat in Redmond, Black Hat in Singapore/ Abu Dhabi, and DeepSec).

DeepSec 2016 Talk: 802.11 Complexity. An Introduction to 802.11 Protocol Chaos – Andrés Blanco

Do you remember the days of Wired Equivalent Privacy (WEP)? One might almost say security design was bad back then. The question is: Has it really improved? Proper encryption and authentication is only a part of the design. In the case of wireless networking there is a whole lot more to consider. Shooting clients off the network is still possible. Penetration testers can tell you much more about the quirks and weaknesses of wireless protocols. This is why we asked Andrés Blanco to give a presentation about the state of wireless affairs.

WiFi is everywhere and everyone is using it everyday. Employees connect to enterprise networks using their mobile devices, and later the same day to a WiFi network at a coffee shop or their home network. WiFi networks give users mobility and wire-less connectivity, but at what cost? IEEE and vendors add new functionalities to the IEEE 802.11 protocol every year. Are we sure how to use these new features? And how could they expose us to potential attacks?

Most companies rely on the 802.11 protocol chaos every day. And this even does not include the many perils of the Internet of Things (IoT). We recommend this talk not only for anyone testing defences, but also to everyone using 802.11. DeepSec 2016 features a workshop covering WiFi attack technologies such as the Pineapple. You should get a ticket for the training to complete your skills.


Andrés Blanco is an information security researcher. His interests and expertise include network security, hardware, reverse engineering and privacy. He specializes in 802.11 security working on firmware, driver reverse engineering and protocol analysis. He presented his work at conferences such as Defcon, Black Hat USA Arsenal, and Ekoparty.

Last Call for Early Bird Tickets – DeepSec 2016

We are back from 44CON and thoroughly enjoyed our time in London. The keynotes were great. The presenters showed a lot of interesting thoughts and facts you can use for attack and defence. Furthermore the conversations with attendees and speakers were very fruitful. You really cannot plan what you will be talking about. This is why you should attend conferences. And this is why you should book your DeepSec tickets now!

Early bird registration is still possible. Make the most out of it. Don’t wait until the last minute! If you are interested in attending workshops, book as soon as possible! Trainings have a minimum number of participants. You have been warned.

Either way, we are looking forward to see you at DeepSec 2016!

Firmware Threats – House of Keys

SEC Consult, our long-term supporter, has updated a report on the use of encryption keys in firmware. These hardcoded cryptographic secrets pose a serious threat to information security. The report features 50 different vendors and has some interesting statistics. The results were coordinated with CERT/CC in order to inform the vendors about the problem. The highlights of the research includes:

  • 40% increase in devices on the web using known private keys for HTTPS server certificates
  • 331 certificates and 553 individual private keys (accessible via Github)
  • some crypto material is used by 500,000 and 280,000 devices on the web as of now

The recommendations are crystal clear: Make sure that each device uses random and unique cryptographic material. If operating systems can change account passphrases after initialisation, so can your device. Take care of management interfaces! This is especially important for anyone dealing with infrastructure (Internet service providers for example). User can also do something. Ensure that your (Open)SSH keys change regularly. The same must be true for X.509 certificates and keys. Do not reuse the key material! Once the certificate expires, so does your key! Change it!

The report should be read in the light of the dreaded Internet of Things (IoT). Smart devices are prone to bad crypto habits. It’s bad enough that some protocols are cryptographically weak or broken, but keys and certificates should be addressed by a proper process. This is all part of the design, deployment, and maintenance process.

Make no mistake, the material is now on Github and can be actively exploited. Do your homework now. In case you need to refresh your memory where cryptography is concerned, we recommend the training conducted by Juraj Somorovsky.

DeepSec 2016 Workshop: Deploying Secure Applications with TLS – Juraj Somorovsky

Cryptography is all around us. It has become something like the background radiation of the networked world. We use it on a daily basis. Since nothing usually comes into existence by mistake, there must be someone responsible for deploying this crypto stuff. You are right. Software developers, mathematicians, engineers, system administrators, and many more people are involved to make encryption happen. The hard part is to get it right. The mathematics involved is hard. A lot can go wrong. This is why we have a workshop for you at DeepSec 2016!

Have you (or your manager) ever wondered why your server is getting bad grades from SSL labs? Or are you interested in improving the performance of your TLS server?

If you answer one of these question with “yes”, you should consider to take part in the Deploying Secure Applications with TLS training. This training will not only introduce you to a few commands to handle specific attacks. It gives an introduction to the TLS protocol itself and presents different methods how to properly analyse TLS traffic. This training explains basic concepts behind well-known attacks like BEAST, CRIME or DROWN, and shows why is it necessary to mitigate these attacks. Specific tools to test configurations of your TLS server will also be presented.

The topics of this training include:

  • Short intro to cryptography
  • Internet protocol suite
  • TLS protocol
  • Certificates
  • TLS attacks
  • TLS implementations
  • Securing TLS configuration
  • Security evaluation with specific tools

We highly recommend this training for you. Most modern technologies have cryptography included. In turn this means that you absolutely have to deal with the challenges of TLS and beyond. It is not necessary to become a full fledged mathematician. However you have to know what you are doing. DeepSec is well-known for its in-depth trainings, and this is a prime example. Don’t miss the opportunity!

photo_jurajDr. Juraj Somorovsky is a security researcher at Ruhr University Bochum, and co-founder of Hackmanit GmbH. He is a co-author of several TLS attacks (e.g., DROWN), and the main developer of a flexible tool for TLS analyses: TLS-Attacker.
He presented his work at many scientific and industry conferences, including Usenix Security, Black Hat, DeepSec, and OWASP Europe.

DeepSec 2016 Talk: How to Bypass Content Security Policy (CSP) – Lukas Weichselbaum

The Content Security Policy (CSP) is an additional layer of security for web applications. It is intended to detect and mitigate certain types of attacks. CSP is deployed by using the HTTP Content-Security-Policy header for publishing a policy. The policy instructs the web client how various resources will be used, where they come from, and the like. Violations of the policy can be reported to an application. Basically you can give the web client important hints what to expect. The reporting helps your intrusion detection process since the web clients usually understand the Web better than IDS modules. Lukas Weichselbaum is working at Google, and he will explain how CSP can be bypassed.

In this presentation I’ll highlight the major roadblocks that make CSP deployment difficult. I talk about common mistakes, about how we automatically bypassed the CSP of more than 95% of ~1.6 Million domains e.g. by showing how easy it is to defeat the whitelist-based model with some juicy bypasses, for example thanks to JSONP endpoints, by abusing a CDN and loading outdated versions of AngularJS. Finally, I present a radically new way of doing CSP in a simpler, easier to maintain and more secure way based on nonces and making use of a new feature we contributed to CSP3.

Lukas will also show you how to deploy CSP is a more secure fashion. Everyone developing or deploying web applications should take a look at his research. Given the fact that CSP is around since 2004 and implemented beginning with Firefox 4, its use should be much more widespread. Therefore we ask you to attend Lukas’ presentation. Make good use of what he has to say!

lweLukas Weichselbaum is an Information Security Researcher at Google focusing on security enhancements and mitigations for web applications. He co-authored the specification for ‘strict-dynamic’ in CSP3 and launched CSP-Evaluator, a small tool for developers and security experts to check if a Content Security Policy serves as a strong mitigation against cross-site scripting attacks. Lukas graduated from Vienna University of Technology in Austria where he worked on dynamic analysis of Android malware. He also founded Andrubis – one of the very first large scale malware analysis platforms for Android applications. Before joining Google in 2013, he worked as a security consultant leading numerous national and international projects in the area of information security.

DeepSec2016 Talk: badGPO – Using GPOs for Persistence and Lateral Movement – Yves Kraft & Immanuel Willi

System administration has evolved a lot during the past decades. Instead of enjoying long walks through the forests of servers and clients, the modern sysadmin controls the whole infrastructure by policies. Most operating systems can take advantage of this technology. As with software upgrades, these tools can make your life easier – or help an intruder to get a firm hold onto your infrastructure. Malicious activity can exploit your management networks/systems. Once this happens, you are in deep trouble. We have invited two security experts who created a demonstration. They used the Microsoft® Windows platform in combination with native tools:

Group Policy is a feature which provides centralized management and configuration functions for the Microsoft operating system, application, and user settings. Group Policy is simply the easiest way to reach out and configure computer or user settings on networks based on Active Directory Domain Services (AD DS). Such policies are widely used in enterprise environments to control settings of clients and servers: registry settings, security options, scripts, folders, software installation, and maintenance; just to name a few. Settings are contained in so-called Group Policy Objects (GPOs) and can be misused in a sneaky way to distribute malware and gain persistence in an automated manner in a post exploitation scenario of an already compromised domain. In a proof of concept inspired by Phineas Fishers’ article about pwning HackingTeam, we will show how persistence and lateral movement in a compromised company network can be achieved and demonstrate some PowershellEmpire Framework modules which we created. PowershellEmpire is basically a post-exploitation framework that utilises the widely-deployed PowerShell tool for all your system-smashing needs. There are already functionalities built-in regarding GPOs. We tried to further evolve the misuse of GPOs in additional scenarios. Furthermore, we will discuss some countermeasures including detection and prevention mechanisms.

The presentation is a prime example that off-the-self tools pose a security risk, depending on how they are used. Policies and code of any kind will do nicely. The advantage for the attacker is the presence of the tools. There is no need to install extra applications. Everything necessary to gain wider access is already at the target site. We recommend this talk for everyone dealing with system administration and infrastructure. If you can automate stuff, so can your adversaries.

Yves_Kraft-PortraitYves and Immanuel are both penetration testers at Oneconsult AG. Their daily business is to build and deconstruct things. Yves works as a security consultant at Oneconsult, focusing on penetration tests, security consulting and training. He was promoted to team leader and branch manager Bern a year ago. As a former system and network engineer he managed several servers, applications and networks including systems at a large Swiss university, financial services and public administration among other industries.

Immanuel_Willi-PorttraitImmanuel worked several years as a system administrator at a university. When moving to another higher education institution he was appointed head of the internal IT services department. His work at Oneconsult is focused on penetration tests and security consulting.

DeepSec 2016 Talk: Machine Duping – Pwning Deep Learning Systems – Clarence Chio

Give a man a computer, and you 0wn him for a day. Teach a man to employ machine learning, and he will have to battle Skynet for a lifetime. This quote might not be the exact copy of the original, but it will do. Machine now learn stuff. Hence the are of machine learning is the new playground for start-ups, old school companies, researchers, and hackers, of course. A new era of sapiosexual attraction to artificial minds has begun. Information security is not spared. Algorithms have long been a part of defence. Now they are being used with machine learning. Since algorithms and machines run on networked computers, they can be attacked. At DeepSec 2016 Clarence Chio will explain to you how it can be done.

Deep learning and neural networks have gained incredible popularity in recent years. But most deep learning systems are not designed with security and resiliency in mind and can be duped by any attacker with a good understanding of the system. In this talk, we will dive into popular deep learning software and show how it can be tampered with to do what you want it do, while avoiding detection by system administrators. Besides giving a high level overview of deep learning and its inherent shortcomings in an adversarial setting, we will focus on tampering real systems to show real weaknesses in critical systems built with it. In particular, this demo-driven session will be focused on manipulating an image recognition and captcha solving system built with deep learning at the core.

The systems we use today are already very complex. By adding more complexity we will increase the attack surface. Algorithms from the field of deep learning and neural networks are no exception. Keep this in mind when you evaluate new products containing these features. Bear in mind that complexity also makes testing very difficult. By definition any system that learns, alters its state. This means your security component is constantly changing. This will very probably have an impact on your security defence, one way or another. We hope that this presentation will open your mind to this challenge.

393e414Clarence Chio graduated with a B.S. and M.S. in Computer Science from Stanford, specializing in data mining and artificial intelligence. He currently works as a Security Research Engineer at Shape Security, building a product that protects high valued web assets from automated attacks. At Shape, he works on the data analysis systems used to tackle this problem.
Clarence spoke on Machine Learning and Security at DEF CON 24, GeekPwn Shanghai, PHDays Moscow, BSides Las Vegas and NYC, Code Blue Tokyo, SecTor Toronto, Hack in Paris, and QCon San Francisco (2015-2016). He had been a community speaker with Intel, and is also the founder and organizer of the ‘Data Mining for Cyber Security’ meetup group, the largest gathering of security data scientists in the San Francisco Bay Area.

Of Clouds & Cyber: A little Story about Wording in InfoSec

In case you ever received a message about our calls for papers, you may have noticed that we do not like the word cyber. Of course we know that it is used widely. Information security experts are divided if it should be used. Some do it, some reject it, some don’t know what to do about it. We use it mostly in italics or like this: „cyber“. There is a reason why, but first let’s take a look where the word comes from.

The Oxford Dictionaries blog mentions the origin in the word cybernetics. This word was used in the 1940 by scientists from the fields of engineering, social sciences, and biology. Cybernetics deals with the study of communication and control systems in living beings and machines. Hence the word is derived from the Greek κυβερνήτης (kybernētēs, steersman, governor, pilot, or rudder). The cyber part attached itself to other words in the following decades. The idea of cyberspace is widely known. Cyberspace was born in William Gibson’s novel Neuromancer. Now we have a lot of cyber going around.

The main problem we have with this word is the fact that it hides meaning. Merriam-Webster explains that cyber is something with computers, computer networks or the Internet. Pick anything you like. Often the context lacks clarification. Take cyberwar for example. Cyberwar is a war where computers, computer networks or the Internet is used. So the breaking of the German Enigma could be labelled cyberwar as well. But where comes the war part in? Could cyberwar be anything you do with computers, computer networks, or the Internet while the war is on? So being caught in a war zone and frantically looking for a safe place on your smartphone by using online map services is a cyberwar? Sounds more like escape or sanity.

Attaching cyber to anything that can be described by a word doesn’t help either. The same is true for the word cloud. Cloud technology can be anything from creating rain out of thin air or hosting web sites. Let’s skip cloud warfare at this point. Instead of using the Cloud, you might want to take advantage of modern web, network, and virtualisation technology.

This is our criticism in a nutshell. Information security is already complex as it is. Adding smoke and mirrors to confuse the audience isn’t helpful. IT is full of acronyms without inventing new words or using existing words in wildly different contexts. Regardless if you are a researcher, writing about information security, develop software, or contribute by posing serious questions, please stick to facts. No distractions, no ambiguities, please. Thank you!

Deep Sec2016 Talk: DROWN – Breaking TLS using SSLv2 – Nimrod Aviram

In the past years encrypted communication has been subject to intense scrutiny by researchers. With the advent of Transport Layer Security (TLS) Internet communication via HTTP became a lot more secure. Its predecessor Secure Sockets Layer (SSL) must not be used any more. The real world has its own ideas. SSLv2 and SSLv3 is still present. Attackers can try to downgrade the TLS session by switching to insecure ciphers. When using the correct configuration, these downgrade attacks cannot happen. The question is: Are all of your devices, applications, and systems correctly configure? If you are not sure, better check again. In order to illustrate how these attacks work, we have invited Nimrod Aviram for DeepSec 2016. He will explain the inner workings of the DROWN attack.

We present Logo of DROWN TLS attack.a novel cross-protocol attack on TLS that uses a server supporting SSLv2 as an oracle to decrypt modern TLS connections. Our research introduces two versions of the attack. The more general form exploits multiple unnoticed protocol flaws in SSLv2 to develop a new and stronger variant of the Bleichenbacher RSA padding-oracle attack. To decrypt a 2048-bit RSA TLS ciphertext an attacker must observe 1,000 TLS handshakes, initiate 40,000 SSLv2 connections, and perform 250 offline work. The victim client never initiates SSLv2 connections. We implemented the attack and can decrypt a TLS 1.2 handshake using 2048- bit RSA in under 8 hours at a cost of $440 on Amazon EC2. Using Internet-wide scans we find that 33% of all HTTPS servers and 22% of those with browser-trusted certificates are vulnerable to this protocol-level attack due to widespread key and certificate reuse.

For an even cheaper attack we apply our new techniques together with a newly discovered vulnerability in OpenSSL that was present in releases from 1998 to early 2015. Given an unpatched SSLv2 server to use as an oracle we can decrypt a TLS ciphertext in one minute on a single CPU. This is fast enough to enable a man-in-the-middle attacks against modern browsers. We find that 26% of HTTPS servers are vulnerable to this attack.

We further observe that the QUIC protocol is vulnerable to a variant of our attack that allows an attacker to impersonate a server indefinitely after performing as few as 217 SSLv2 connections and 258 offline work.

We conclude that SSLv2 is not only weak, but actively harmful to the TLS ecosystem.


Nimrod AviramNimrod Aviram received a B.Sc. in Mathematics and Computer Science from Tel Aviv University. He is now a PhD student at The Department of Electrical Engineering at Tel Aviv University. Nimrod’s research interests include various topics in applied cryptography and Internet traffic.

DeepSec2016 Workshop: Offensive iOS Exploitation – Marco Lancini

If an iPhone gets exploited in the forest and no one is around to 0wn it, does it worry you? This philosophical question has been answered sufficiently by the latest Pegasus incident. All smartphone should worry you. The iPhone and its operating system is no exception. Actually breaking a smartphone give an attacker a lot of advantages. Chances are that you carry the exploited device with you all the time. At last the Age of Mobility has reached information security!

In order to develop exploits you need a healthy dose of software development and a (deep) knowledge of the platform being attacked. For those of you who do a lot of penetratoion testing, security analysis, or plain software quality management, we have a shortcut for you: the iOS exploitation workshop.

This is an exercise-driven training course that uses detailed tutorials to guide the attendee through all the steps necessary to exploit a real iOS application, and, in the process, provide an understanding of the modern attacker’s mind-set and capabilities. This course will cover iOS hacking, from the basics of vulnerability hunting on the platform to advanced exploitation techniques. At its conclusion, the course will also have imparted the information necessary to develop secure and robust applications.

Since your adversaries have gone mobile, so should you. We recommend this workshop especially for anyone who needs to defend users and company networks. Don’t let yourself being fooled by the word offensive. Once you understand what the attack looks like, you can improve the defence. Drop by and drop some 0wnage on iPhones!

marcolancini_pictureMarco Lancini is a Security Consultant at MWR InfoSecurity in the UK, specialising in mobile applications. He works assessing apps and device configurations for a number of large organisations including banking, financials, telco, and energy providers. He holds a Master’s Degree in Engineering of Computing Systems from the Politecnico di Milano University, and international certifications such as OSCP.
He has previously presented at Black Hat, DeepSec, Bsides, ACSAC, CCS, and NATO’s CYCON. He is a contributor of the OWASP Project and a Technical Reviewer of some IEEE Journals.

DeepSec 2016 Workshop: Penetration Testing Humans – Bethany Ward & Cyni Winegard

Do you know the film where the victim gets an unsuspecting phone call and dies three days later? No? Relax, it happens in the real world, too. The difference is that you get a quite normal phone call at the office and three days later some of your data has been copied. The technical term is leaked, also known as stolen. All your security measures will be untouched. Why break into a firewall or into servers when you get the access credentials by phone?
Social engineering is an advanced and very persistent threat. You probably get phone calls and emails every day. You may often interact with people you have never seen or met before. Given the right approach they will make you and your employees believe anything. In turn this technique is very efficient for security or penetration tests. If you do security checks or assessments, you should get in touch with the skills of social engineers. When it comes to defence you probably want to know what tricks of the trade are being used against you. This is why we invited two top experts in this field to DeepSec 2016!

In this two-day workshop, attendees will learn not only the history and fundamentals of social engineering, but how to create a personalized pretext unique to their needs. By blending psychology, anthropology, word-crafting, and acting, attendees will practice analysing their target as well as themselves. In this workshop will focus on everything from how to dress to how to phrase questions to increase the probability for a successful compromise.

This is a practical, hands-on course with a lot of interaction and, best of all, practice. To top it all off, the course will end with a contest where attendees get a chance to test their new skills against the instructors. There will be prizes for best showing.

All materials necessary for the course will be provided, but bringing scratch paper is recommended.

We strongly recommend this training for anyone communicating with other people on a daily basis. If you never pick up the phone, answer emails, or open the door, then you are probably safe. Or are you?


CWinegard_PhotoCyni Winegard is currently an Information Security Analyst with TraceSecurity. Starting her career as a Systems Administrator, she has moved into the information security industry and fallen in love with it. In her role at TraceSecurity, she performs penetration testing, security assessments, audits, and social engineering engagements. Cyni has a B.S. in History and Anthropology from Florida A&M University, a Master of Justice Studies in Cybersecurity, and a Graduate Certificate in Terrorism and Homeland Security. She is working on a Master of Digital Forensics degree from the University of Central Florida. She enjoys applying anthropological concepts to social engineering, and is passionate about compromising users. If not lost in cyberspace, Cyni can most likely be found practicing krav maga or playing video games.


BWard_PhotoBethany Ward is an Information Security Analyst with TraceSecurity, LLC. In this role she performs pentests, security assessments, IT audits, and social engineering engagements. She has a B.S. in Computer Science from the University of Arkansas. In addition to her technical skills, Bethany is an avid lover of writing, acting, and psychology, and enjoys applying her liberal arts skills to her technical pursuits. Bethany has spoken on social engineering at multiple conferences, including HackMiami and DEF CON. When not being fascinated by security, Bethany enjoys antiquing and playing video games.