Tuesday, January 13, 2015

How many bits of entropy will stop a targeted attack?

Over at security.stackexchange there is currently the following question:
The OpenPGP (private) key format stores the key symmetrically encrypted ... key expansion takes about a second on my computer (GPG).
With this kind of setup, is it possible to make it hard enough to brute-force that it's sane to have the private-key publicly available?
I expect the answer depends on the passphrase complexity. E.g. if you somehow managed to have a passphrase with 256 bits of entropy, then an attacker would be better off just guessing the derived key instead of the passphrase - which in this case amounts to brute-forcing an AES key (which I'd consider hard enough to be "safe"). So the question might really be "how complex does your passphrase have to be to make this safe?".
I touched on this thought in my comment over there, but would like to muse on the question a bit more.

His is talking about having his encrypted private key publicly exposed, most likely in a way that it is associated back to one of his accounts. Unless he plans on never actually using the key pair, there will be exploitable benefits to someone malicious to have the private key. Forge messages, open messages sent to him, possibly open messages sent from him. Also, just the thrill of winning may drive folks to attempt this challenge.

Folks, don't issue challenges like this. Remember Todd Davis, the LifeLock CEO that put his Social Security Number in the ads because of how confident he was in his product? He has been identified as an identity thief victim 13 times. And that is with his entire companies' mission and reputation on the line (a reputation that the federal government viewed as $12 million dollars tarnished!). Don't do it!

Once the challenge is issued, it isn't just a question of can the password be cracked. It now becomes a question of can he be hacked. Well crafted, personalized malicious emails (spear phishing) being sent to him, possibly even coming from his compromised friends. When you are a target, anyone connected to you may become a target. As a target, a large amount of personal information can typically be gathered including address, phone number, family members and more. Unfortunately this activity, doxxing, is fairly common as a type of online harassment. Challenged enough what can someone do with all this information?
Not a *likely* outcome. Source: XKCD
If a hacker gains control of your computer, they can place software to harvest your sensitive data: passwords, pseudonyms, possibly financial information.

Please, don't intentionally make yourself a target. (Says the guy that ran for Congress in 2014)

Thursday, January 8, 2015

What is... gamerDNA

gamerDNA
Find out what's happening in a game you're playing
January 7, 2015
Matthew Molyett
https://secsandcyber.blogspot.com

Executive Summary

This is a detailed look into the web application gamerDNA, which is a social networking website for video game players and games database. Data about the application was collected through a combination of manually browsing the web pages, inspecting URL structures, scraping pages through a Python spider script, and inspecting the application traffic recorded in WireShark and FireBug. Based on URL structures and file extensions, the backend of gamerDNA is Ruby on Rails and php. I confirmed my understanding of the interaction traffic by creating a Python module to allow interacting with the application through automation, which is available on GitHub. Connections to gamerDNA can be made over HTTPS, and most sensitive pages try to redirect to it, but the certificate is expired.

Why gamerDNA?

To select an application I wanted to inspect, I pulled an entry off of the English Wikipedia page “List of social networking websites.” My criteria was that the site be identified as fairly mature (gamerDNA was established September 2006), have a large user base (310,000), and be near the middle of the list when sorted on page ranking. (approximately in the middle) Candidate applications needed to be in English, something I’d never used, registerable, and have a general subject matter that I’d be familiar with (gamerDNA is listed with a focus of “Computer and video games”). Before looking into the site, I read the linked Wikipedia page. All the parenthetical details are as presented in the List. The player directory on the site claims 864,576 users.

Methodology and reason

During my initial review of gamerDNA, I browsed the site unauthenticated and only via HTTP in FireFox with FireBug in a Windows XP VM. By being in a XP VM, it minimized the network chatter that I was seeing on my host system’s WireShark capture. This set up allowed me to really dive into the network actions of the gamerDNA application and learn some new tricks for using WireShark to trace.
http.request.method == "POST"
Verifying what I believed though Python was also educational, as I had to learn about making POST requests and maintaining cookies. Also, the ‘requests’ module!

Public Application Functions

gamerDNA contains provides three primary functions, a directory of Games, a directory of Players, and "NOW" which is a feed of recent activity on the application, which is all browsable by the public. Most activity and information submitted by members is publicly visible, where only real name, gender, and age can be private.

Member Application Functions

As a social networking site, gamerDNA allows the posting general public statuses, statuses related to a game being played, sharing images (with or without association to a specific game), reviewing games, and associating games and gaming consoles with themselves. These pieces of data can be aggregated into a viewing feed, called the gamerCURRENT, by selecting Players or Games to Follow. Each Player has a main homepage at [PlayerHandle].gamerdna.com
A Gamer's profile consists of four pages
  1. A homepage with a status feed, recently played games, 'follower' information, and an avatar image
  2. A gamer biography page with Name, Sex, Age, gaming info, and gamerDNA account info (join data, last login, profile views)
  3. A games played page
  4. An image hosting page
Other functions available to members
  1. API key and /help/helix-api/
  2. private messaging at /private.php
  3. vbulletin Forums at /forums.php
  4. quiz at /quizzes/
  5. Warhammer Signatures at /warhammer-signature
  6. Warcraft Signatures at /wrath-of-the-lich-king-signature
  7. Guild hosting at /hosting/ **HTTPS only**
  8. Chat

Website Identity Information

  • Copyright Info: "gamerDNA®, Contents are Copyright 2006–2015 PLAYXPERT LLC and Live Gamer Inc. gamerDNA and the gamerDNA Logo are trademark and property of Live Gamer Inc."
  • DNS
>>nslookup gamerdna.com 8.8.8.8
Server:  google-public-dns-a.google.com
Address:  8.8.8.8
Non-authoritative answer:
Name:    gamerdna.com
Address:  208.88.178.16
  • WHOIS [Full details in Appendix A]
Registrant Organization: LIVE GAMER, INC.
Registrant City: NEW YORK
Registrant State/Province: NY
Registrant Postal Code: 10012
Registrant Country: US


  • GeoIP2 City
IP Address: 208.88.178.16
Location: Sunnyvale,California,United States,North America
Postal Code: 94089
  • Certificate Information

CN = *.gamerdna.com
OU = PositiveSSL Wildcard
OU = Domain Control Validated
Valid (10/10/2013 0:00:00 AM GMT) - (10/11/2014 23:59:59 PM GMT)
CA Issuers: URI: http://crt.comodoca.com/PositiveSSLCA2.crt
DNS Name: *.gamerdna.com
DNS Name: gamerdna.com
  • Interesting Geographic data

    • From the Terms of Service:
      • Choice of Law and Forum. The TOS and the relationship between you and GamerDNA shall be governed by the laws of the Commonwealth of Massachusettes without regard to its conflict of law provisions. You and GamerDNA agree to submit to the personal and exclusive jurisdiction of the courts located within the county of Middlesex, Massachussetts.
    • Server Hosting based on IP:
      • Sunnyvale,California
    • Domain Registration:
      • Registrant Organization: LIVE GAMER, INC.
      • Registrant City: NEW YORK
      • Registrant State/Province: NY

Security Issues [Full details in Appendix C]

  1. Website presents an expired certificate: This causes visitors to have to click through a browser warning about the identity of the site. If accessing the site requires a security click-through, users are less likely to notice a bad certificate being presented due to an ongoing Man In The Middle attack.
  2. Website allows account registration and login over HTTP: This causes a created account’s password / unsalted password md5 hash to be visible in network traffic. To disallow this would prevent HTTP-only users, but allowing it amplifies the already significant security risks of password reuse.  [Full packets in Appendix B]
  3. Website allows logged in users to navigate over HTTP: This causes the session cookies to be visible in network traffic. To disallow this would prevent HTTP-only users, but allowing it risks session hijacking.
  4. XXXXX Redirects to an attacker specified page
    1. SEE APPENDIX C
  5. Fields allow for static script injection
    1. SEE APPENDIX C
  6. Information leak in 403 Error Page
    1. SEE APPENDIX C
  7. Server software in use
    1. SEE APPENDIX C
  8. Registration page
    1. SEE APPENDIX C

Application functionality

The application functionality that I analyzed has been implemented in the gamerDNA class of spider.py. ( https://github.com/SecsAndCyber/py_gamerDNA/blob/master/src/spider.py )

Login Functions

  • login.php
  • logout?r=%s

Check Email

  • accounts/checkEmailUniquity.php?email=%s

Make Status Post

  • rails/profile/set_quote

Follow Games or Players

  • rails/profile/follow/%s
  • rails/profile/unfollow/%s
  • rails/game/follow/%s
  • rails/game/unfollow/%s

Associate or Review Games

  • dna/add_game/%d
  • dna/delete_game/%d
  • dna/game_update/%d

Update Biographical Information

  • rails/dna/save_info
  • rails/dna/update_location/?location=%s

Add or Remove Images


  • rails/dna/image_submit
  • rails/dna/image_delete/%d

Author's note: Full report with appendices possibly available. Contact me if you are interested.

Sunday, January 4, 2015

Extending your home network... insecurely

I reorganized my house this week and gained a private office space, though one without a coaxial jack. This makes it impossible to immediately replicate my previous setup of a whooping three feet of CAT 6 between my main workstation and the FiOS router. Unfortunately a WiFi connection isn't an option as the box isn't compatible.

Options for connecting a new room to your home network

  1. Add CAT 6 Ethernet cabling: Doing this cleanly requires running cables through the walls and cutting holes for new outlet boxes with a face plate. Highly suggested if you own your house, but I'm in a rental. Pass.
  2. Reuse an extra wireless router as a wireless bridge: I tried this one for a few hours (hours that the wife was not happy I was spending!) but the only router I had sitting around was an Actiontec MI424WR Rev I which is not compatible with DD-WRT firmware.
  3. Power-line networking: Add a device to connect Ethernet networking over the existing power lines within the house. The guy I talked to at Best Buy recommended the Actiontec Powerline Ethernet Adapter Kit [PDF] over the WiFi extender I was looking at. At $39.99 instead of $99.99, I decided to try it.
Fast and easy...setup in less than 5 minutes
The box claims a quick and easy set-up, just plug the single adapter into the wall and wire it to the router. Plug the four port adapter into the wall near your machines and wire them up. So I did, and almost immediately my workstation was connected to the Internet... success! Or so I thought.

Verify that the network is up

Along with my main workstation, my office is home to a server which provides multimedia and intranet web hosting. Once I had Internet access, the next step was to check for the rest of the intranet machines. I navigated to http://192.168.1.1 (default MI424WR address) and the expected page pulled up, but my login failed. Double checking my password typing, the login failed a second and third time. More information needed now!

Check Windows' "Network" page

Under Printers there was a Lexmark, under Computer there was a name I didn't recognize. This is a problem, and one that needed addressed immediately! My workstation was connected to someone else's network.
**generic encryption key**

Ease of setup security hole

The problem was documented right there in the manual, the adapters come pre-provisioned with a default, generic encryption key. This is great for easy set up because you can just plug it in and go. It is bad for security because it means you can just plug it in and join any network that is already there! Turns out my neighbors already had expanded their network with a similar, compatible product. They plugged it in and it just worked. I plugged mine in and it just worked... with their existing network.

I don't understand why the manual in the box doesn't tell how to update the encryption key, it just directs you to their website. Which pretty much guarantees that a random person directed by their Best Buy clerk will never update it.

From the Actiontec website:
    How do I change the encryption key on a PWR500 Powerline Adapter?
    To reset and change the encryption key on the PWR500, follow the steps below:
  1. Plug the Adapters into electrical outlets on the same circuit.

  2. Press and hold the Security button on each unit one at a time for exactly 10 seconds. On the 10th second, let go of the button. When you release the button, the Power LED's will turn off very briefly and turn back on. The LK LED's will not turn back on at this time.

  3. Then on one of the units, press and hold the Security button for exactly 3 seconds. On the 3rd second, release the button. When you release the button, the Power LED will begin to flash.

  4. Now on the other unit, press and hold the Security button for exactly 3 seconds. On the 3rd second, release the button. When you release the button, the Power LED will turn off and back on breifly, and then the LK LED should be lit on both units. Provided the LK lights on both units are lit, the encryption key has been changed and the two Adapters are now connected on the same Powerline network with a new encryption key.