Prepping for the OSCP:
Kali/ARM/NIST/FIPS/AES/Python
Download: www.tavve.com/misc
Chuck Craft
Tavve Software
chuck@tavve.com
@bubbasnmp
16.05.15
Overview
What I do / Why OSCP? / What is OSCP?
Offensive Security Certified Professional
Kali (ARM / Raspberry Pi)
Python (NIST / FIPS / AES)
Misc. / Questions
What I do (network management; the word cloud on the slide):
NMS, SNMP / SNMPv3, traps, syslog, NetFlow, NPM, SIEM, ICMP, NTP, ssh / scp / sftp, telnet, RDP, https, SSL/TLS, DMZ, air gap, TACACS, Radius; CISSP
What next? (the options on the slide):
UMSA, CEH, ISSA, OWASP, GIAC, CREST, BCPA, DC612, ___CON, BSides, ISACA, BOFH, OSCP, CISA, CCSP, CSX, SANS, SSCP, ISC2, InfraGard, GPEN, CISM, Lake Wobegon
My day job: the same network-management word cloud as above, plus Pentest
What next? OSCP (picked out of the same list of options as above)
Offensive Security Certified Professional (OSCP)
• Hands-on offensive information security certification
• Arduous twenty-four (24) hour certification exam
• Hosted Penetration Testing Virtual Labs
• Penetration Testing with Kali Linux (PWK)
– Online training
– 30? 40? CPEs upon completion
Try Harder™
https://www.offensive-security.com/
What is Kali
• Successor to BackTrack Linux – released 2013
• Debian based
• Developed, funded, and maintained by Offensive Security
• More than 600 penetration testing tools
• Penetration Testing, Forensics and Reverse Engineering
• Current version – Kali-Rolling (2016.1), ARM 2.1.2
https://www.kali.org/
Kali Downloads
• https://www.kali.org/downloads/
  – Full Kali ISO – 32/64 bit i386 / amd64 (~3GB)
  – Kali Light ISO – Subset of tools (~1GB)
  – Kali Mini – 32/64 bit network install (30 MB)
  – Kali Light – armel / armhf (do it yourself ARM)
• Prebuilt Kali Images – 32/64 bit VMware/VirtualBox
• Custom ARM Images
• Docker
Who/What is ARM
• 1985 - Acorn RISC Machine
• 1990 – spun out to ARM Ltd
• Cambridge, UK - Global HQ
• Primary business is selling IP cores
• Over 60 billion ARM based chips shipped to date (99% of smartphones/tablets [1])
• Over 1100 licenses signed with over 300 companies
[1] http://www.bloomberg.com/bw/articles/2014-02-04/arm-chips-are-the-most-used-consumer-product-dot-where-s-the-money
Kali Custom ARM Images
Chromebook
CompuLab
CubieBoard
CuBox
RaspberryPi
USB Armory
ODROID
BeagleBone Black
RIoTboard
NanoPi 2
https://github.com/offensive-security/kali-arm-build-scripts
Destruction – on a budget
SET
http://null-byte.wonderhowto.com/
wifite
Raspberry Pi models (as of May 2016; cells the slide did not give are left blank)

Model               SoC      CPU                                      Memory      Card      USB         Ethernet  WiFi/BLE  Price
Pi 3 Model B        BCM2837  1.2GHz 64-bit quad-core ARM Cortex-A53   1GB         Micro SD  4           yes       yes       $35
Pi 2 Model B        BCM2836  900MHz quad-core ARM Cortex-A7           1GB         Micro SD  4           yes       no        $35
Pi 1 Model B+       BCM2835  700MHz single-core ARM1176JZFS           512 MB      Micro SD  4           yes       no
Pi 1 Model B        BCM2835  700MHz single-core ARM1176JZFS           256/512 MB  SD        2           yes       no
Pi 3 Model A        TechRepublic: "mid-2016" (not yet released)
Pi 1 Model A+       BCM2835  700MHz single-core ARM1176JZFS           256 MB      Micro SD  1           no        no        $20 ?
Pi 1 Model A        BCM2835  700MHz single-core ARM1176JZFS           256 MB      SD        1           no        no        $20
Pi Zero             BCM2835  1GHz single-core ARM11                   512 MB      Micro SD  1 (uUSB)    no        no        $5
Pi 3 Compute Module 2016: "soon" (not yet released)
Pi Compute Module   BCM2835  700MHz single-core ARM1176JZFS           512 MB      4GB eMMC  1 via pins  no        no        $40
Where to get Pi
• Element14
(Farnell,Newark,
MCM)
• Amazon
• Adafruit
Download Kali
Don't be a LinuxMint 2016! (In February 2016 the Mint download site served a backdoored ISO; the published hash did not match the tampered file. Check the digest of what you downloaded against the one published by Offensive Security before you flash it.)
• https://www.offensive-security.com/kali-linux-arm-images/
"a minimal XFCE Kali system with the top 10 tools"
E:\>c:\fciv\fciv -sha1 kali-2.1-rpi2.img.xz
//
// File Checksum Integrity Verifier version 2.05.
//
1940438fe85f5850e10ea6c14d0aebefc1266985 kali-2.1-rpi2.img.xz
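The same check as the fciv run above, as an added example that is not part of the original slides: it streams the image through hashlib (so a multi-gigabyte ISO never has to fit in memory) and compares the result to the published digest in constant time. The filename and the SHA-1 line come from the slide; the script name and the command-line usage are assumptions for illustration. A hash published on the same server as the download only proves the download was not corrupted in transit; authenticity needs a signature checked against a key you already trust (see the OpenPGP material later on).

```python
"""Verify a downloaded image against a published digest before flashing it.
Added example; not from the original slides."""
import hashlib
import hmac
import sys


def digest_bytes(data: bytes, algo: str = "sha256") -> str:
    """Hex digest of an in-memory buffer (used for small inputs and tests)."""
    return hashlib.new(algo, data).hexdigest()


def digest_file(path: str, algo: str = "sha256", chunk: int = 1 << 20) -> str:
    """Stream the file in 1 MiB chunks so a 3 GB ISO does not have to fit in RAM."""
    h = hashlib.new(algo)
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def matches(actual_hex: str, expected_hex: str) -> bool:
    """Constant-time, case-insensitive comparison: fciv prints lowercase,
    many download pages publish uppercase, and surrounding whitespace is
    a common copy/paste artefact."""
    return hmac.compare_digest(actual_hex.lower(), expected_hex.strip().lower())


def verify_bytes(data: bytes, expected_hex: str, algo: str = "sha256") -> bool:
    return matches(digest_bytes(data, algo), expected_hex)


def verify_file(path: str, expected_hex: str, algo: str = "sha256") -> bool:
    return matches(digest_file(path, algo), expected_hex)


if __name__ == "__main__":
    # Assumed usage (not from the slides):
    #   verify_image.py kali-2.1-rpi2.img.xz 1940438fe85f5850e10ea6c14d0aebefc1266985 sha1
    path, expected = sys.argv[1], sys.argv[2]
    algo = sys.argv[3] if len(sys.argv) > 3 else "sha256"
    ok = verify_file(path, expected, algo)
    print(("OK       " if ok else "MISMATCH ") + path)
    sys.exit(0 if ok else 1)
```

SHA-1 is what fciv and the 2016 Kali ARM page offered; prefer the SHA-256 value when the download page publishes one, since the comparison function does not care which algorithm produced the hex.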
Burn to memory card
Win32 Disk Imager
https://launchpad.net/win32-image-writer
http://sourceforge.net/projects/win32diskimager
210 Datacenter
Power / Anker
CTIA (UCS) Universal Charger Solution
EC Common External Power Supply
Console Access – KVM vs serial
Red power LED – proceed with care! (on the Pi it flickers or goes out on under-voltage, and a weak supply is a common cause of corrupted SD cards)
https://github.com/offensive-security/kali-arm-build-scripts/blob/master/rpi.sh
RPi1 – 2.1 and newer
RPi2 - see Github issue #54 (fixed in 2.1.2)
RPi3 – UART changes (due to Bluetooth)
Kali Login
user root, password toor (every image ships with this; change it with passwd before the board is reachable over the network)
Regenerate the SSH host keys, since the prebuilt image's keys are not unique to your board:
root@kali:~# rm /etc/ssh/ssh_host_*
root@kali:~# dpkg-reconfigure openssh-server
root@kali:~# service ssh restart
Allow root to ssh into server
root@kali:/etc/ssh# pwd
/etc/ssh
root@kali:/etc/ssh# vi sshd_config
Opened up in 2.1.2
# chuckc - Fri Feb 5 22:40:50 UTC 2016
# PermitRootLogin prohibit-password
PermitRootLogin yes
From sshd_config(5):
PermitRootLogin
Specifies whether root can log in using ssh(1). The argument must be ``yes'', ``prohibit-password'', ``without-password'', ``forced-commands-only'', or ``no''. The default is ``prohibit-password''.
Note: with the default root/toor password still set, PermitRootLogin yes turns the box into a one-guess login for anyone who can reach port 22.
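A quick way to see what sshd will actually do with that file, as an added example that is not from the original slides: sshd_config(5) states that for each keyword the first obtained value wins, so a `PermitRootLogin yes` appended at the bottom of a file that already says `no` higher up changes nothing, and a value inside a `Match` block applies only to that match. The checker below parses the global section only (everything before the first `Match`, a deliberate simplification), applies the OpenSSH 7.0+ default of `prohibit-password`, and classifies the result. The sample configuration text is the one from the slide; the function names are mine.

```python
"""Report the effective PermitRootLogin of an sshd_config.
Added example; not from the original slides."""
import re

# Default since OpenSSH 7.0 (older releases defaulted to "yes").
SSHD_DEFAULTS = {"permitrootlogin": "prohibit-password"}


def effective_option(config_text: str, keyword: str, defaults=SSHD_DEFAULTS):
    """Value sshd gives `keyword` in the global context of config_text.

    Rules applied: blank lines and lines starting with '#' are comments,
    keywords are case-insensitive, 'Keyword value' and 'Keyword=value' are
    both accepted, the FIRST occurrence wins, and parsing stops at the first
    Match block because anything after it is conditional.
    """
    kw = keyword.lower()
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        if parts[0].lower() == "match":
            break
        if parts[0].lower() == kw and len(parts) == 2:
            return parts[1].strip()
    return defaults.get(kw)


def root_ssh_exposure(config_text: str) -> str:
    """Classify the root-over-ssh posture: the thing a reviewer wants to know."""
    value = effective_option(config_text, "PermitRootLogin")
    if value == "yes":
        return "password-root-login"            # root + password, e.g. root/toor
    if value in ("prohibit-password", "without-password"):
        return "key-only"                       # root only with public-key auth
    if value == "forced-commands-only":
        return "forced-commands"
    return "disabled"                           # "no"


if __name__ == "__main__":
    # The edit shown on the slide: the commented default and the live "yes".
    slide_cfg = (
        "# chuckc - Fri Feb 5 22:40:50 UTC 2016\n"
        "# PermitRootLogin prohibit-password\n"
        "PermitRootLogin yes\n"
    )
    print(effective_option(slide_cfg, "PermitRootLogin"), root_ssh_exposure(slide_cfg))
```

Run it against `/etc/ssh/sshd_config` after the edit and you should see `yes password-root-login`; that is the state in which changing the root password is not optional.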
Xrdp
Kali + ARM = Pwnie (Bloomberg)
“The device they built looked like a European version of a power strip. Tucked inside a 15-by-5-inch
casing was a tiny Linux computer running powerful hacking software called Metasploit.
The pwnie sent out data via cellular networks, which meant they could be accessed from anywhere.”
http://www.bloomberg.com/graphics/2015-mob-technology-consultants-help-drug-traffickers/
RTFM / BTHb
OverTheWire
http://overthewire.org/wargames/bandit/
Root Me
https://www.root-me.org/en/Challenges/
Vulnhub
https://www.vulnhub.com/entry/tr0ll-1,100/
Metasploit Unleashed
https://www.offensive-security.com/metasploit-unleashed/
Metasploitable: intentionally vulnerable Linux virtual machine
https://sourceforge.net/projects/metasploitable/files/Metasploitable2/
Metasploitable 2 Exploitability Guide
https://community.rapid7.com/docs/DOC-1875
OWASP Mutillidae II
https://sourceforge.net/projects/mutillidae/
Jeremy Druin - @webpwnized
Intermission
New (to me) languages
NIST Special Publication 800-115 – Technical Guide to Information Security Testing and Assessment, by section:
4.1 Network Discovery / 4.2 Network Port and Service Identification
  – nmap: Lua (NSE scripts)
  – Wireshark: Lua (dissectors)
  – NodeMCU (ESP8266): Lua
4.3 Vulnerability Scanning
  – Nessus: NASL (not Nasal)
  – OpenVAS: NASL
5.2 Penetration Testing
  – Metasploit: Ruby
All purpose: Python (e.g. the public_drown_scanner on github)
http://carlcheo.com/startcoding
Perl -> Python (not the same thing: !=)
YouTube – Chicago Buses; YouTube – Blackhat / Matasano
Also Excel and Postscript
How many challenges? 64? 48? Currently 56 – now 64!
cryptopals.com – the matasano (now NCC Group) crypto challenges

Set 1: Basics
1. Convert hex to base64
2. Fixed XOR
3. Single-byte XOR cipher
4. Detect single-character XOR
5. Implement repeating-key XOR
6. Break repeating-key XOR
7. AES in ECB mode
8. Detect AES in ECB mode

Set 2: Block crypto
9. Implement PKCS#7 padding
10. Implement CBC mode
11. An ECB/CBC detection oracle
12. Byte-at-a-time ECB decryption (Simple)
13. ECB cut-and-paste
14. Byte-at-a-time ECB decryption (Harder)
15. PKCS#7 padding validation
16. CBC bitflipping attacks

Set 3: Block & stream crypto
17. The CBC padding oracle
18. Implement CTR, the stream cipher mode
19. Break fixed-nonce CTR mode using substitutions
20. Break fixed-nonce CTR statistically
21. Implement the MT19937 Mersenne Twister RNG
22. Crack an MT19937 seed
23. Clone an MT19937 RNG from its output
24. Create the MT19937 stream cipher and break it

Set 4: Stream crypto and randomness
25. Break "random access read/write" AES CTR
26. CTR bitflipping
27. Recover the key from CBC with IV=Key
28. Implement a SHA-1 keyed MAC
29. Break a SHA-1 keyed MAC using length extension
30. Break an MD4 keyed MAC using length extension
31. Implement and break HMAC-SHA1 with an artificial timing leak
32. Break HMAC-SHA1 with a slightly less artificial timing leak

Set 5: Diffie-Hellman and friends
33. Implement Diffie-Hellman
34. Implement a MITM key-fixing attack on Diffie-Hellman with parameter injection
35. Implement DH with negotiated groups, and break with malicious "g" parameters
36. Implement Secure Remote Password (SRP)
37. Break SRP with a zero key
38. Offline dictionary attack on simplified SRP
39. Implement RSA
40. Implement an E=3 RSA Broadcast attack

Set 6: RSA and DSA
41. Implement unpadded message recovery oracle
42. Bleichenbacher's e=3 RSA Attack
43. DSA key recovery from nonce
44. DSA nonce recovery from repeated nonce
45. DSA parameter tampering
46. RSA parity oracle
47. Bleichenbacher's PKCS 1.5 Padding Oracle (Simple Case)
48. Bleichenbacher's PKCS 1.5 Padding Oracle (Complete Case)

Set 7: Hashes
49. CBC-MAC Message Forgery
50. Hashing with CBC-MAC
51. Compression Ratio Side-Channel Attacks
52. Iterated Hash Function Multicollisions
53. Kelsey and Schneier's Expandable Messages
54. Kelsey and Kohno's Nostradamus Attack
55. MD4 Collisions
56. RC4 Single-Byte Biases

Set 8: On Github – Sean Devlin, @spdevlin
#1 - Hex -> Base64
• Request for Comments (RFC) – https://www.ietf.org/rfc.html
• RFC 4648: The Base16, Base32, and Base64 Data Encodings
  – Base 64: A-Z, a-z, 0-9, '+', '/' (and '=' as padding)
  – Base 64 with URL and Filename Safe Alphabet: '+', '/' -> '-', '_'
  – Base 32: A-Z, 2-7
  – Base 32 with Extended Hex Alphabet: 0-9, A-V
  – Base 16: "Essentially, Base 16 encoding is the standard case-insensitive hex encoding and may be referred to as 'base16' or 'hex'."
• RFC 4880: OpenPGP Message Format (ASCII armor is base64 with a CRC-24 checksum line, the "=Dfuh" below)
PGP and URL examples
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBAgAGBQJWqiT1AAoJENnE0m0OYESR07gIAJ65FdP2oFR9pspmLh+iZ978
Q+1R8vShqUjkpE14gUOHaidgsU8l7HoR7v3mWFtv+XqBUp94ISOFeyt4B4jlDsHE
SSgO60zlnYha0KaOeRv/aH1quiWhx8bxNZ1HJbbwlxPclqmEplhXqoSEbVvOZKFZ
VPu8gmJg3fzdQpQT0eAZ/5ez6SMvIM1FO47FlqtstWgHSs0iq1scIr1LKNmH3uMZ
tmNmq5U/tTX/51eKYqFIrWXIeyHSiOTXRBUjnw4ybCiobklLH1qiEApJW6iPkOob
9WthtiyBVBxCpYpF8h4mQc3h77J/q4rLcL/b56sqMsHTV4ULhbN2VIUnzcuzIUI=
=Dfuh
-----END PGP SIGNATURE-----
Link (note the '-' of the URL-safe alphabet in the token):
https://www.periscope.tv/w/aQQ0Szk2fDFPd3hXbGRNalluS1GEkRrtoANLnXcbpKGaln1ekV53WKmTe-2OUDHbNqMm0Q==
Base64 – Command & Control, Data Exfil
#2 - XOR (bitwise, per byte)
    0xe5 = 1110:0101
XOR 0x17 = 0001:0111
  = 0xf2 = 1111:0010
#3 - ETAOIN SHRDLU (English letter frequency, most to least common: the scoring rule for picking the right single-byte XOR key out of 256 candidates)
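Set 1 challenges 1 to 5 and 8 in one place, as an added example that is not code from the original slides or from cryptopals: hex to base64 via RFC 4648, fixed XOR, single-byte XOR brute force scored with ETAOIN SHRDLU frequencies, detection of the one XOR-encrypted line among many, repeating-key XOR, and ECB detection by looking for a repeated 16-byte block. The challenge inputs in the `__main__` section are the published cryptopals Set 1 strings; the frequency table is the usual textbook approximation and the function names are mine. One detail worth seeing in code: frequency scoring alone cannot tell the right key from key XOR 0x20 (same letters, case flipped), so the scorer penalises non-printable bytes, which is where the flipped spaces and apostrophes land.

```python
"""cryptopals Set 1: #1 hex->base64, #2 fixed XOR, #3/#4 single-byte XOR,
#5 repeating-key XOR, #8 ECB detection. Added example, not from the slides."""
import base64
import string
from collections import Counter

# Approximate English letter frequencies (ETAOIN SHRDLU order), plus space.
ENGLISH_FREQ = {
    "e": .127, "t": .091, "a": .082, "o": .075, "i": .070, "n": .067,
    "s": .063, "h": .061, "r": .060, "d": .043, "l": .040, "u": .028,
    "c": .028, "m": .024, "w": .024, "f": .022, "g": .020, "y": .020,
    "p": .019, "b": .015, "v": .010, "k": .008, " ": .130,
}
PRINTABLE = set(string.printable.encode())


def hex_to_base64(hex_str: str) -> str:
    """#1: decode the hex to raw bytes, then re-encode as RFC 4648 base64."""
    return base64.b64encode(bytes.fromhex(hex_str)).decode("ascii")


def fixed_xor(a: bytes, b: bytes) -> bytes:
    """#2: XOR two equal-length buffers byte by byte."""
    if len(a) != len(b):
        raise ValueError("buffers must be the same length")
    return bytes(x ^ y for x, y in zip(a, b))


def english_score(text: bytes) -> float:
    """Higher is more English-like. Non-printable bytes cost 10 points each:
    that is what separates key K from key K^0x20, whose output has the same
    letters case-flipped but spaces and punctuation turned into controls."""
    score = 0.0
    for b in text:
        if b not in PRINTABLE:
            score -= 10.0
        else:
            score += ENGLISH_FREQ.get(chr(b).lower(), 0.0)
    return score


def break_single_byte_xor(ct: bytes):
    """#3: try all 256 keys, keep the best-scoring plaintext -> (key, pt, score)."""
    best = (None, b"", float("-inf"))
    for key in range(256):
        pt = bytes(c ^ key for c in ct)
        s = english_score(pt)
        if s > best[2]:
            best = (key, pt, s)
    return best


def detect_single_byte_xor(cts) -> int:
    """#4: index of the ciphertext that decrypts to the most English-looking text."""
    return max(range(len(cts)), key=lambda i: break_single_byte_xor(cts[i])[2])


def repeating_key_xor(data: bytes, key: bytes) -> bytes:
    """#5: Vigenere-style XOR; key byte i covers positions i mod len(key)."""
    return bytes(d ^ key[i % len(key)] for i, d in enumerate(data))


def is_probably_ecb(ct: bytes, block_size: int = 16) -> bool:
    """#8: ECB maps equal plaintext blocks to equal ciphertext blocks, so any
    repeated block in a ciphertext is a strong tell for ECB."""
    blocks = [ct[i:i + block_size] for i in range(0, len(ct), block_size)]
    return max(Counter(blocks).values()) > 1


if __name__ == "__main__":
    # Published cryptopals Set 1 inputs.
    print(hex_to_base64("49276d206b696c6c696e6720796f757220627261696e206c696b65206120"
                        "706f69736f6e6f7573206d757368726f6f6d"))
    ct = bytes.fromhex("1b37373331363f78151b7f2b783431333d78397828372d363c78373e783a393b3736")
    key, pt, _ = break_single_byte_xor(ct)
    print(chr(key), pt.decode())
    print(repeating_key_xor(b"Burning 'em, you say?", b"ICE").hex())
```

Challenge 6 (break repeating-key XOR) is the same `break_single_byte_xor` applied column by column once the key length has been guessed from Hamming distances; challenge 7 is plain AES-128-ECB, for which the key schedule is shown further down under FIPS-197.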
#7 – AES-128-ECB
Rijndael (AES) Animation
http://www.formaestudio.com/rijndaelinspector/
National Institute of Standards and Technology (NIST)
• NIST's mission is to promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life.
• Founded 1901 as National Bureau of Standards
• Current name in August 1988 - Reagan signs OTCA
• Neon lights
• The nation's first crime lab
• WWII - first fully automated guided missile
• First atomic clock
• WWVB (CO) (303) 499-7111, WWVH (808) 335-4363
• Closed Captioning
• www.time.gov and time.nist.gov
• 2000: Advanced Encryption Standard
https://www-s.nist.gov/srmors/view_detail.cfm?srm=2387
SRM 2387 – Peanut Butter (yes, NIST sells that too)
Lot: N/A
Expiration Date: 12/31/2019
Unit Price*: $835.00
Unit of Issue: 3 x 170 g
Status: Now Selling
Certificate Date: 7/21/2015
* Prices are subject to change without notice
The SRM has been determined to be non-hazardous by the National Institute of Standards and Technology (NIST) of the U.S. Department of Commerce under paragraph (d) of OSHA Standards 29 CFR Part 1910.1200. The SRM will not release or otherwise result in exposure to a hazardous chemical under normal conditions of use.
Description: This SRM is intended primarily for use in validating methods for determining proximates, fatty acids, calories, vitamins, elements, amino acids, aflatoxins, and acrylamide in peanut butter and similar matrices. This SRM can also be used for quality assurance when assigning values to in-house control materials. A unit of SRM 2387 consists of three jars of peanut butter containing 170 g each.
NIST Publications
• Federal Information Processing Standards (FIPS): security standards
  – FIPS 197: Advanced Encryption Standard (AES)
  – FIPS 140-2: Security Requirements for Cryptographic Modules
• NIST Special Publications (SPs): security and privacy guidelines, recommendations and reference materials.
  – SP 800-61 Rev. 2: Computer Security Incident Handling Guide
  – SP 800-115: Technical Guide to Information Security Testing and Assessment
  – SP 1800-5: DRAFT IT Asset Management
• ITL Bulletins are published monthly by NIST's Information Technology Laboratory, focusing on a single topic of significant interest to the computer security community.
  – ITL January 2016: Securing Interactive and Automated Access Management Using Secure Shell (SSH)
FIPS-197
Nk = 4, 6, or 8 (key length in 32-bit words: AES-128, AES-192, AES-256)
Nr = 10, 12, or 14 (number of rounds; Nr = Nk + 6)
Nb = 4 (block is always 128 bits), so the key schedule is Nb*(Nr+1) = 44, 52 or 60 words
AES calculations (slide: the state as a 4x4 byte array, SubBytes / ShiftRows / MixColumns / AddRoundKey)
AES Pseudo Code (slide: the Cipher() and KeyExpansion() pseudo code from FIPS-197)
Rijndael Inspector
http://www.formaestudio.com/rijndaelinspector/archivos/
Misc.
BeagleBone Black
Processor: AM335x 1GHz ARM® Cortex-A8
512MB DDR3 RAM
4GB 8-bit eMMC on-board flash storage
3D graphics accelerator
NEON floating-point accelerator
2x PRU 32-bit microcontrollers
Connectivity
USB client for power & communications
USB host
10/100 Ethernet
HDMI
2x 46 pin headers
Software Compatibility
Debian (pre-loaded on eMMC)
Android
Kali !
Ubuntu
Cloud9 IDE on Node.js w/ BoneScript library
plus much more
http://beagleboard.org/
Pine64: "$15 64-Bit Super Computer"
• Allwinner A64 1.2GHz CPU – 64bit Quad Core ARM A53
• 512MB/1GB/2GB DDR3 SDRAM
• 2 x USB 2.0
• 4K x 2K HDMI port
• Ethernet 10/100 (10/100/1000 on the A64+ boards)
• Add-on: 802.11 BGN, Bluetooth 4.0
• +5v power via microUSB
• MicroSD Slot, up to 256GB
https://forums.kali.org/showthread.php?30287-pine-64-VS-raspberry-pi-3
Northbound Networks: Zodiac FX
• The world's smallest OpenFlow SDN switch (10 x 8 cm)
• Support for OpenFlow 1.0, 1.3 & 1.4
fcc.gov/oet (Raspberry Pi 3 info)
Pkg on Pkg memory
Roku BCM2835
Everyone loves Pi
• https://wiki.hackerspaces.org/Minnesota
Linux ARM - armel and armhf
BeagleBone Black (armv7l, VFPv3):
root@kali:~# uname -a
Linux kali 3.8.13-bone53 #1 SMP Thu Aug 13 23:27:51 CDT 2015 armv7l GNU/Linux
root@kali:~# readelf -a /proc/self/exe | grep VFP
  Tag_FP_arch: VFPv3-D16
  Tag_ABI_VFP_args: VFP registers
root@kali:/proc# cat /proc/cpuinfo | grep -i model
model name      : ARMv7 Processor rev 2 (v7l)
Raspberry Pi 1 (armv6l, VFPv2):
# uname -a
Linux raspberrypi 3.1.9+ #272 PREEMPT Tue Aug 7 22:51:44 BST 2012 armv6l GNU/Linux
# readelf -a /proc/self/exe | grep VFP
  Tag_FP_arch: VFPv2
  Tag_ABI_VFP_args: VFP registers
"Tag_ABI_VFP_args: VFP registers" means the binary passes floating-point arguments in VFP registers, i.e. it was built for the hard-float ABI (armhf); a soft-float (armel) binary carries no such tag. That is why the Pi 1, despite being only ARMv6, runs the Raspbian-style armhf build.
https://blogs.oracle.com/jtc/entry/is_it_armhf_or_armel
cat /proc/cpuinfo
Raspberry Pi 1 (CPU implementer 0x41 is ARM Ltd; part 0xb76 is the ARM1176):
# cat /proc/cpuinfo
Processor       : ARMv6-compatible processor rev 7 (v6l)
BogoMIPS        : 697.95
Features        : swp half thumb fastmult vfp edsp java tls
CPU implementer : 0x41
CPU architecture: 7
CPU variant     : 0x0
CPU part        : 0xb76
CPU revision    : 7

Hardware        : BCM2708
Revision        : 0003
Serial          : 00000000081d9f52

BeagleBone Black (part 0xc08 is the Cortex-A8; note neon and vfpv3 in Features):
root@kali:~# cat /proc/cpuinfo
processor       : 0
model name      : ARMv7 Processor rev 2 (v7l)
BogoMIPS        : 993.47
Features        : swp half thumb fastmult vfp edsp thumbee neon vfpv3 tls
CPU implementer : 0x41
CPU architecture: 7
CPU variant     : 0x3
CPU part        : 0xc08
CPU revision    : 2

Hardware        : Generic AM33XX (Flattened Device Tree)
Revision        : 0000
Serial          : 0000000000000000
Pi Raq
https://github.com/earthlcd/Pi-RAQ
https://earthlcd.com/products/raspberry-pi/pi-raq/
Janz Tec AG emPC-A/RPI Fanless
Embedded Controller (w/ CAN)
https://www.janztec.com/en/products/embedded-computing/empc/empc-arpi/
@bubbasnmp ???
• http://www.simple-times.org/
• Case, McCloghrie, Rose,
Waldbusser et al
• Ask Dr. SNMP – Jeff Case
``That dog won't hunt.''
Questions ???