When a binary was compiled for the .NET Framework, dnSpy is the shortcut to decompiling it.
Unfortunately, IDA and Ghidra do not decompile managed .NET (CIL) code the way dnSpy does, so for managed binaries there is no real alternative. When we look into a condition, we often find the original variable names preserved in the assembly metadata, and we can then debug in real time to check a string's value.
OWASP Juice Shop is probably the most modern and sophisticated insecure web application! It can be used in security trainings, awareness demos, CTFs and as a guinea pig for security tools! Juice Shop encompasses vulnerabilities from the entire OWASP Top Ten along with many other security flaws found in real-world applications! (https://www.owasp.org/)
$ git clone https://github.com/CTFd/CTFd.git
Modify the docker-compose.yml file from the repository to set a SECRET_KEY environment variable for the CTFd service; the key signs sessions, so never deploy with the placeholder value.
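The key-generation step, as an added example that is not part of the CTFd repository. It generates SECRET_KEY from the kernel CSPRNG, refuses obvious placeholders, and stores the value in a .env file with owner-only permissions; the assumption is that the ctfd service in docker-compose.yml references it as ${SECRET_KEY} (the variable name is CTFd's, the .env mechanism is docker-compose's).

```sh
#!/bin/sh
# Added example, not part of the CTFd repository: generate a strong SECRET_KEY
# from the kernel CSPRNG and store it in a .env file that docker-compose reads.
# Assumption: the ctfd service's environment references it as ${SECRET_KEY}.
set -eu

# 32 random bytes, hex-encoded: a 64-character key.
gen_secret_key() {
    head -c 32 /dev/urandom | od -An -tx1 | tr -d ' \n'
}

# Reject an empty key, a placeholder left over from a sample config, or a short key.
check_secret_key() {
    key=$1
    case "$key" in
        ''|*ctfd*|*secret*|*changeme*|*example*) return 1 ;;
    esac
    [ "${#key}" -ge 32 ]
}

# Write SECRET_KEY=<key> to the given .env file with owner-only permissions.
write_env_file() {
    envfile=$1
    key=$2
    check_secret_key "$key" || { echo "refusing weak SECRET_KEY" >&2; return 1; }
    ( umask 077; printf 'SECRET_KEY=%s\n' "$key" > "$envfile" )
}

# Typical use (run once, and keep .env out of version control):
# write_env_file .env "$(gen_secret_key)"
```

With the .env file in place, the service entry needs only `- SECRET_KEY=${SECRET_KEY}` under its environment list, so the real key never lands in the checked-in compose file.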
Hyper-V comes with a PowerShell-based tool for converting other hypervisors' VMs into Hyper-V disks (*.vhd, *.vhdx), but the conversion frequently fails depending on the environment. After some trial and error, I found that those errors fall into a few categories.
A cross compiler is a compiler capable of creating executable code for a platform other than the one on which the compiler is running. For example, a compiler that runs on a Windows 7 PC but generates code that runs on an Android smartphone is a cross compiler (Wikipedia).
I tried many things to get the BBB connected to the Internet. There are a few different ways, such as enabling the Ethernet port or adding a USB Wi-Fi dongle, but they do not work reliably once the BBB is moved to a different environment. So I think sharing the host's Internet connection is the easiest way to give the BBB Internet access. To do this we route all outbound packets coming from the BBB over the USB link to the Internet via the host's Internet-facing interface.
First things first, make the USB connection between the BBB and the host machine, then check the IP address on the USB network interface.
The host end of the USB link has 192.168.7.1, and it is the default gateway for the BBB's usb0 interface.
# Enable re-routing of traffic to the Internet access interface on the host machine.
# In this case, Internet traffic from the BBB's USB link (enx4c3fd3c18fa6 on the host) is routed to the host's Wi-Fi interface wlp1s0.
$ sudo sysctl net.ipv4.ip_forward=1
$ sudo iptables --table nat --append POSTROUTING --out-interface wlp1s0 -j MASQUERADE
$ sudo iptables --append FORWARD --in-interface enx4c3fd3c18fa6 -j ACCEPT
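The same procedure as a complete script, added here as an example rather than taken from the original notes. It keeps the rule list in a function so it can be reviewed or tested before anything is applied, validates the interface names (they are spliced into commands run with sudo), adds the return-path FORWARD rule that the three commands above omit (needed when the FORWARD chain's default policy is DROP), and includes the BBB-side commands. The interface names and the 192.168.7.x addresses are the ones from the notes; the BBB-side default route, the BBB address 192.168.7.2 and the choice of resolver are assumptions.

```sh
#!/bin/sh
# Added example: share the host's Internet connection with a BeagleBone Black
# over the USB network link. Interface names (enx4c3fd3c18fa6, wlp1s0) and the
# host address 192.168.7.1 come from the notes above; check them with `ip addr`.
set -eu

# Print the commands that configure forwarding and NAT on the host.
# $1 = interface facing the BBB (the USB gadget NIC), $2 = Internet-facing interface.
host_nat_rules() {
    lan_if=$1
    wan_if=$2
    cat <<EOF
sysctl -w net.ipv4.ip_forward=1
iptables -t nat -A POSTROUTING -o $wan_if -j MASQUERADE
iptables -A FORWARD -i $lan_if -o $wan_if -j ACCEPT
iptables -A FORWARD -i $wan_if -o $lan_if -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
EOF
}

# Interface names are spliced into commands run under sudo, so accept only
# plain Linux interface names (max 15 chars; letters, digits, '.', '_', '-').
valid_ifname() {
    n=$1
    case "$n" in
        ''|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
    [ "${#n}" -le 15 ]
}

# Apply the rules on the host (requires sudo).
apply_host_nat() {
    valid_ifname "$1" && valid_ifname "$2" || { echo "bad interface name" >&2; return 1; }
    host_nat_rules "$1" "$2" | while IFS= read -r cmd; do
        sudo $cmd
    done
}

# Commands to run on the BBB itself (over the serial console or ssh) so that it
# actually sends traffic to the host. Assumption (not in the original notes):
# the USB link gives the BBB 192.168.7.2 with the host at 192.168.7.1, and
# 8.8.8.8 is just an example resolver.
bbb_side_commands() {
    gw=${1:-192.168.7.1}
    cat <<EOF
ip route add default via $gw dev usb0
printf 'nameserver 8.8.8.8\n' > /etc/resolv.conf
EOF
}

# Example use on the host:
# apply_host_nat enx4c3fd3c18fa6 wlp1s0
```

Without the RELATED,ESTABLISHED rule the setup only works while the host's FORWARD policy happens to be ACCEPT; with the rule it also works on hosts whose firewall drops forwarded traffic by default.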
Open source or commercial product? I believe each has its pros and cons. pfSense works perfectly as a centralized firewall and includes almost everything, but it needs more computing power when it has to handle massive network traffic. Cisco ASA series appliances are robust and fast, but expensive. So mid-sized companies or organizations may prefer pfSense, while big companies seem to stay with dedicated hardware firewalls. Anyway, it is better for us to use both kinds of firewall and compare their functions side by side.
Boot the ASA, then press Esc a few times during startup to drop into ROMMON.
rommon #0> confreg          (answer "no" when asked whether to change the configuration)
rommon #1> confreg 0x41     (ignore the startup configuration on the next boot)
rommon #2> boot
ciscoasa> enable            (blank password)
ciscoasa# write erase
ciscoasa# configure terminal
ciscoasa(config)# config-register 0x01
ciscoasa(config)# exit
ciscoasa# show version
ciscoasa# write
ciscoasa# reload
(log in with a blank password)
ciscoasa# configure terminal
ciscoasa(config)# configure factory-default
Note that write erase wipes the saved configuration; if you only want to recover the password, run copy startup-config running-config before changing it instead of erasing.
We should also install the JRE, since ASDM runs on Java, and then add the JRE path to the system environment variables.
Then we can start the initial configuration of the physical Ethernet ports. These might be WAN, management, DMZ1 or DMZ2 depending on their purpose, but I would say we need to check the console and the GUI together to make sure the configurations are well synchronized. We can add Cisco routers or switches to expand or isolate traffic.
We used a quite fancy digital oscilloscope in the reverse engineering laboratory. Outside the lab, I had to find a better way to make up for my poor hardware skills. Honestly, I am not a hardware guy, so there was always a lot of trial and error whenever I played with the BeagleBone. Fortunately, I have now found out how to connect a USB-to-TTL serial cable and how to display the frequency on the alternative oscilloscope.
Make a stable connection with the BBB
First things first, connect the BBB to the PC with a regular USB cable. There is a trick: when the BBB is connected to the PC, the four blue LEDs blink simultaneously. As soon as they stop blinking, plug the USB-to-TTL cable into the serial debug header (J1). Pin 1 is GND, the cable's TX goes to pin 4 and its RX to pin 5. The safe option in any unusual situation is to press the reset button.
Base terminal application
I had been using screen for the Raspberry Pi, but Minicom is much better for the BBB since it can change communication options such as hardware flow control.
Set the same parameters in Minicom with minicom -s and save the setup as dfl. The serial device path can be found in dmesg.
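The device lookup and console launch as a small script, added as an example rather than taken from the original notes. It parses the "attached to ttyUSBn" line that the FTDI/PL2303/CP210x drivers print in dmesg (the sample line in the test is constructed), takes the most recent one in case the cable was replugged, and opens Minicom at the 115200 baud the BBB console uses; hardware flow control has no command-line switch in Minicom, so that setting still has to be turned off once in minicom -s and saved as dfl.

```sh
#!/bin/sh
# Added example (not from the original notes): find the USB-to-TTL adapter from
# dmesg output and open the BBB console with minicom at 115200 baud.
set -eu

# Read dmesg text on stdin and print /dev/<tty> for the last adapter that
# attached (replugging the cable creates a new ttyUSBn, so the last line wins).
serial_dev_from_dmesg() {
    name=$(sed -n 's/.*attached to \(tty[A-Za-z]*[0-9][0-9]*\).*/\1/p' | tail -n 1)
    [ -n "$name" ] || return 1
    printf '/dev/%s\n' "$name"
}

# Open the console. -D selects the device, -b the baud rate; 8N1 and
# "hardware flow control: No" come from the saved dfl profile made with minicom -s.
open_bbb_console() {
    dev=$1
    [ -c "$dev" ] || { echo "$dev is not a character device" >&2; return 1; }
    minicom -D "$dev" -b 115200
}

# Example use:
# dev=$(dmesg | serial_dev_from_dmesg) && open_bbb_console "$dev"
```

If dmesg is restricted to root on the host, /dev/serial/by-id/ lists the same adapters by vendor string and is readable without privileges.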
I should have followed the wise saying: "There are two types of people: those who back up, and those who have yet to lose everything to a system crash."
I wrote down some takeaways from my current learning practice in this tidy little space. The website had been running on an ESXi VM for a few months without issue; however, an error occurred while migrating and reinstalling the hypervisor. I thought I had made a full disk backup, but I did not notice that the file contained errors. So now I am in the middle of recovering my previous records.
There are always chances to capture someone else's unencrypted traffic, especially on a local network. We might use ARP spoofing, cache poisoning, a gateway attack or whatever, but Scapy is one of the great tools for examining the network environment.
Russia bluntly interfered in the 2016 U.S. presidential election. That was the unified judgement of three U.S. intelligence agencies, the CIA, FBI and NSA. According to their report (2017), there was a multitude of detailed disclosures about how Russia executed its campaign to influence the presidential election. More specifically, it was a highly orchestrated campaign directed and ordered by Vladimir Putin. The intelligence community stated with high confidence that the Russian government sought to influence the outcome of the 2016 U.S. presidential election in favor of Donald Trump over Hillary Clinton. Russia's motivation for meddling in the election was clear, since Putin and his government preferred Trump for the sake of maintaining their regime (Director of National Intelligence, 2017, pp. 3-4).
Russia had accumulated lessons learned from previous cyber campaigns, from Estonia to Ukraine, and successfully integrated them into the 2016 U.S. election attack. First, it started online propaganda on the major social networks. Russian online disinformation campaigns sprawled over Facebook, Twitter and Google through automated accounts, bots and professional trolls, as part of an influence effort to tarnish Hillary Clinton and promote Donald Trump. The operators understood exactly how the online media system works and how to influence an audience. Mayer (2018) found that Russian operators pushed free and paid posts to "a hundred and twenty-six million American Facebook users" (para. 18). Their audiences were analyzed and targeted down to specific voters, including residents of battleground states. As the material spread, millions of Americans ended up unknowingly sharing the fake news and viewing ads that a foreign government is not permitted to place. Second, hackers used spear-phishing attacks to penetrate the computer network of the DNC (Democratic National Committee), as well as the email accounts of individuals such as John Podesta, chairman of the Clinton campaign (Lipton, Sanger & Shane, 2016, para. 10). According to Lipton, Sanger and Shane (2016), the stolen material was released through WikiLeaks, the Guccifer 2.0 persona and the site DCLeaks.com. The intelligence community determined that the two Russian hacking groups known as Fancy Bear and Cozy Bear were linked to Russian state intelligence, with Fancy Bear tied to the military intelligence service, the GRU. The GRU directed the cyber operations, and the hacks were part of Russia's effort not just to undermine confidence in the election but to actively help Trump win. After this successful campaign as a kingmaker, Putin and his government had refined a cost-effective "perfect weapon" (Lipton, Sanger & Shane, 2016, para. 16).
Attacking the Center of Gravity by Controlling Cyberspace
The 2016 U.S. election case demonstrated that cyberattacks have become much more sophisticated. It showed how the attackers identified the enemy's center of gravity and how they compromised cyberspace to achieve their goal. The Russian campaign recalls classical thinkers such as Sun Tzu, Clausewitz and Corbett. It is worth knowing how those strategies were combined and how they emasculated a democratic political system, whether or not that was intended. Russia successfully carried out its series of cyber campaigns by controlling the cyberspace around the U.S. In other words, it is safe to say that the best way to attack the center of gravity is to control the enemy's cyberspace.
The Center of Gravity – Psychological relationship
In terms of cyberattacks, it has been clearly seen that Russia attacked the enemy's center of gravity, the strong trust between the populace and its government, in order to run a successful campaign. In modern cyberwarfare, it is not enough to achieve a goal only by attacking infrastructure such as the power grid. In Clausewitz's (1984) best-known definition of war, the attacker's long-term object is to achieve its political aims (Book 1, Chapter 1, 24, "War is merely the continuation of policy by other means", para. 1). Achieving such a sophisticated object requires sufficient preparation. Without knowing the enemy, campaigns easily lead to unintended results such as reunification or a strengthened relationship between the populace and its government. They can also backfire in the form of sanctions or counterattacks against the attacker. Thus, a campaign has to be well prepared through massive but accurate enumeration of the target, and then escalated through a series of collateral damages to the trust between a government and its populace. As Sun Tzu's (1994) immutable truism on preparation puts it, this is the key to not being "endangered in a hundred engagements" ("Planning Offensives", para. 10). The center of gravity for a successful campaign was clear to Russia. As the intelligence community stated, Russia's cyberattacks aimed to "undermine public faith in the US democratic process" (Director of National Intelligence, 2017, p. 7). They compromised American voters and opened gaps between the populace and its government, between the media and politics, between the political parties, and between the government and U.S. national security organizations.
In conventional warfare, history has favored the defending side. Sun Tzu (1994) asserted that "whoever occupies the battleground first and awaits the enemy will be at ease" ("Vacuity and Substance", para. 1). Clausewitz (1984) argued that "defense is easier than attack" since "it is easier to hold ground than take it" (Book 6, Chapter 1, "Advantages of Defence", para. 1), and Corbett (1911) also believed a defensive strategy to be more favorable than an offensive one, writing that "active defensive operations" are important "to prevent the enemy achieving any positive result" at sea (Chapter 3, "Defensive Fleet Operations – A Fleet in Being", para. 3). Unlike the battlefields those military thinkers described, however, the cyber battlefield gives attackers the upper hand, because cyberwarfare is a vastly different world from physical space. First, there are no physical barriers and no overt weapons. As information is highly centralized and people are connected online all the time, an attacker has a good chance of stumbling on bits of serendipity. Russia's reach online was unprecedented and sophisticated, yet it also used old-school tactics such as phishing email; John Podesta was one of the victims and became a high-value asset for Russia. Second, information is imbalanced between attackers and defenders. The hackers enumerated and gathered information about their target over the long term, then activated their campaigns simultaneously. Such unknown and covert attacks keep the target on the defensive, because even a small success can cause massive chaos in the target system.
Command of the Bits
Given these attributes of cyberspace, it is neither as unpredictable nor as uncontrollable as the sea in Corbett's maritime strategy. Cyberspace is not so much a battlefield as a space to be controlled in order to win a war. No country can win a modern war with physical weapons alone. Russia chose cyberspace as its strategic battlefield. Cyberspace was the perfect weapon for Russia because it is "a low-cost, high-impact weapon that Russia had test-fired in elections from Ukraine to Europe" (Lipton et al., 2016, para. 16). For Russia, "with an enfeebled economy and a nuclear arsenal it cannot use short of all-out war, cyberpower proved the perfect weapon: cheap, hard to see coming, hard to trace" (Lipton et al., 2016, para. 16). Putin and his government directly targeted the U.S. center of gravity, the strong trust between the populace and its government, by controlling cyberspace. They investigated, planned and executed a series of campaigns. Just as Corbett (1911) argued that "the object of naval warfare is the control of communications" (Chapter 1, "Theory of the Object – Command of the Sea", para. 11), Russian hackers paralyzed U.S. media outlets by reframing and setting the political agenda through leaked email and manufactured disinformation. As Mayer (2018) reported, they exploited stolen emails from Podesta's account to push Trump's "Access Hollywood" scandal out of the news (para. 30). These activities, carried out through Russian advertisements and social media bots, did far more damage than any of the compromised servers.
Russian-backed hackers maximized the benefits of cyberspace for their campaign. It is easy to hide there and easy to keep one's actions undiscovered. In cyberspace it is nearly impossible to distinguish friend from enemy: the hackers posed as ordinary American voters who support freedom of speech. Cyberspace also gave the attackers operational flexibility. They dynamically adjusted their operations depending on what they discovered and how the U.S. reacted to their attacks. As the Obama administration escalated its investigation of the Russian hacking, Russia handed emails hacked from the Clinton campaign to WikiLeaks, which began slowly leaking them to the public (Mayer, 2018, para. 29). The leaks became a smoking gun against Hillary Clinton and a black hole that absorbed the attackers' risk.
As the cyberattacks continued, the U.S. democratic system exposed many weaknesses. Politicians used the foreign government's cyberattacks as an opportunity to regain political position, and media outlets reproduced gossip and fake news. Even Donald Trump "gleefully cited many of the purloined emails on the campaign trail" (Lipton et al., 2016, para. 12). As soon as the campaign's emails were hacked, massive amounts of fake news were generated by Russian-backed media and delivered directly to the public, regardless of whether the news was true. General U.S. voters lacked the media literacy to cope, since they are always overwhelmed by information overload. Russia's case is also a reminder of the importance of personal cybersecurity guidance: even in highly secured government facilities, a single careless action, such as clicking the link a hacker intended, can paralyze the whole security system. Cybersecurity is not a technical matter so much as a process, and the hackers successfully compromised that process.
For Clausewitz, war was "the realm of uncertainty" and "wrapped in a fog" (Book 1, Chapter 3, "On Military Genius", para. 10). Modern war is even less predictable. Attackers get a vote in cyberspace; they wage war and gain leverage by controlling it. There is no doubt that Russian meddling in other nations' political systems will happen again unless the weaknesses exposed during Russia's 2016 campaign are fixed. Political systems were easily paralyzed and divided by a toxic atmosphere. The populace was polarized, and media outlets did not function properly. Even the intelligence community failed to react immediately. Most nations in the world today face an unprecedented challenge in defending themselves against this psychological cyber warfare, and attackers' methods keep growing more sophisticated. There is no clear prescription, but it is clear that defensive strategies also need to be sophisticated and well orchestrated.
Clausewitz, C. von, Howard, M., Paret, P., & Brodie, B. (1984). On war. Princeton, NJ: Princeton University Press.
Corbett, J. S. (1911). Some principles of maritime strategy. London: Longmans, Green.
Director of National Intelligence. (2017). Background to "Assessing Russian activities and intentions in recent US elections": The analytic process and cyber incident attribution. https://www.intelligence.senate.gov/sites/default/files/documents/ICA_2017_01.pdf
Lipton, E., Sanger, D. E., & Shane, S. (2016, December 13). The perfect weapon: How Russian cyberpower invaded the U.S. The New York Times. https://www.nytimes.com/2016/12/13/us/politics/russia-hack-election-dnc.html
Mayer, J. (2018, September 24). How Russia helped swing the election for Trump. The New Yorker. https://www.newyorker.com/magazine/2018/10/01/how-russia-helped-to-swing-the-election-for-trump
Sun Tzu. (1994). The art of war (R. D. Sawyer, Trans.). Boulder, CO: Westview Press.