Raspberry Pi Hacked NASA

NASA described the hackers as an “advanced persistent threat,” a term generally used for nation-state hacking groups.

The revelation that a Raspberry Pi helped enable an April 2018 hack of JPL arrived courtesy of the U.S. Office of the Inspector General (OIG) on June 18. OIG said in its report that JPL “has experienced several notable cybersecurity incidents that have compromised major segments of its IT network” in the last decade, with the April 2018 hack being “used to steal approximately 500 megabytes of data from one of its major mission systems.”

OIG didn’t spare any aspect of the lab’s security in the report. The report outlined problems with how JPL manages and monitors its network, responds to incidents and shares “lessons learned” from those incidents. It also said that NASA lacks sufficient oversight for JPL’s security practices. Reading it probably won’t make anyone feel better about the lab tasked with exploring other planets and managing the Deep Space Network.

For the April 2018 hack, this all came to a head, thanks to problems with the way JPL managed the Information Technology Security Database (ITSDB) used to track equipment connected to its network. Or perhaps it’s more accurate to say the lab mismanaged the database and that, combined with other lackadaisical security practices, led to a Raspberry Pi being used to hack a NASA research laboratory.

OIG explained in its report:

“Moreover, system administrators did not consistently update the inventory system when they added devices to the network. Specifically, we found that 8 of 11 system administrators responsible for managing the 13 systems in our sample maintain a separate inventory spreadsheet of their systems from which they periodically update the information manually in the ITSDB,” the report said.

“One system administrator told us he does not regularly enter new devices into the ITSDB as required because the database’s updating function sometimes does not work and he later forgets to enter the asset information. Consequently, assets can be added to the network without being properly identified and vetted by security officials. The April 2018 cyberattack exploited this particular weakness when the hacker accessed the JPL network by targeting a Raspberry Pi computer that was not authorized to be attached to the JPL network. The device should not have been permitted on the JPL network without the JPL [Office of the Chief Information Officer]’s review and approval.”

Raspberry Pis are popular because they offer a deceptively capable platform in an itty-bitty form factor that’s perfect for tinkering. JPL learned the hard way that even a cheap device with a cutesy name can undermine systems used to send robots into space.

MARS MISSIONS DATA

According to a 49-page OIG report, the hackers used this point of entry to move deeper inside the JPL network by hacking a shared network gateway.

The hackers used this network gateway to pivot inside JPL’s infrastructure and gained access to the network that stored information about the Mars missions managed by NASA’s JPL, from where they exfiltrated information.

The OIG report said the hackers used “a compromised external user system” to access the JPL missions network.

“The attacker exfiltrated approximately 500 megabytes of data from 23 files, 2 of which contained International Traffic in Arms Regulations information related to the Mars Science Laboratory mission,” the NASA OIG said.

The Mars Science Laboratory is the JPL program that manages the Curiosity rover on Mars, among other projects.

BREACHED NASA’S SATELLITE DISH NETWORK

The primary role of NASA’s JPL division is to build and operate planetary robotic spacecraft such as the Curiosity rover, or the various satellites that orbit planets in the solar system.

In addition, JPL also manages NASA’s Deep Space Network (DSN), a worldwide network of satellite dishes that are used to send and receive information from NASA spacecraft in active missions.

Investigators said that besides accessing JPL’s mission network, the April 2018 intruder also accessed JPL’s DSN IT network. Upon the discovery of the intrusion, several other NASA facilities disconnected from the JPL and DSN networks, fearing the attacker might pivot to their systems as well.

Contact Us
CRAW SECURITY
1st Floor, Plot no. 4, Lane no. 2,Kehar Singh Estate,Westend Marg,Behind Saket Metro Station, New Delhi – 110030
Call Us : 011-40394315 | +91-9650202445 | +91-9650677445
Mails Us : training@craw.in
Visit Us : www.crawsecurity.com | www.craw.in

SigintOS All in One Live Linux Distribution

SigintOS, as the name suggests, is a Linux distribution built for signals intelligence (SIGINT). The distribution is based on Ubuntu Linux and ships with its own software, also called SigintOS. With this software, many SIGINT operations can be performed via a single graphical interface.

SigintOS completely eliminates the hardware and software installation problems faced by many people interested in signal processing. Support for HackRF, BladeRF, USRP and RTL-SDR is already installed, and the most used GNU Radio, GSM and GPS applications are also included in the distribution.

FEATURES:

  • BladeRF
  • HackRF
  • RTL-SDR
  • OsmoSdr
  • YateBTS
  • srsLTE
  • LTE-Cell-Search
  • Ubuntu Linux
  • GSM Cell Search
  • IMSI Catcher
  • FM Transmitter
  • GPS Transmitter

What’s New in Version 1.1

  • LimeSDR support
  • PlutoSDR support
  • SDRAngel added
  • WXtoImg added
  • SigintOS Tools GSM Search fixed
  • SigintOS IMSI Catcher Fixed

The image comes as a 2GB ISO file, and it’s possible to run it in VMware or VirtualBox.

DOWNLOAD SigintOS

CCNP Training and Certification Courses in India

The CCNP Routing and Switching certification is appropriate for those with at least one year of networking experience who are ready to advance their skills and work independently on complex network solutions. Those who achieve CCNP Routing and Switching have demonstrated the skills required in enterprise roles such as network engineer, support engineer, systems engineer or network technician. The routing and switching protocol knowledge from this certification will provide a lasting foundation as these skills are equally relevant in the physical networks of today and the virtualized network functions of tomorrow.

CCNP COURSE MODULE

Module 1 : Implement an EIGRP-based solution, given a network design and a set of requirements.

Module 2 : Implement a multi-area OSPF network, given a network design and a set of requirements.

Module 3 : Implement an eBGP-based solution, given a network design and a set of requirements.

Module 4 : Implement an IPv6-based solution, given a network design and a set of requirements.

Module 5 : Implement an IPv4 or IPv6-based redistribution solution, given a network design and a set of requirements.

Module 6 : Implement Layer 3 Path Control Solution.

Who Should Do This Course:

Our CCNP course is designed for entry-level networking professionals who want to progress in their career and attain positions like network administrator, network analyst, or tester. Those who are working as IT professionals at the intermediate level in networking-related areas benefit a lot from our certification programs.

Upcoming Batch Details

Course: CCNP Training
Course Starting Date: 22, 26, 30, 1, 7, 12, 18
Delivery Mode: Classroom/Online Training
Seats Available: 15 seats only

Types of CCNP Certifications 2019

Cisco Certified Network Professional Certification is meant for professionals with at least one year of experience in networking and seeking training programs to enhance their skills.

CCNP Routing and Switching

CCNP Cloud

CCNP Security

CCNP Collaboration

CCNP Service Provider

CCNP Data Center

CCNP Wireless

Benefits of CCNP Certification:

CCNP certification at Craw Cyber Security can help you explore various IT jobs like systems engineer,
network engineer, network support specialist, system integrator, and network consultant. We offer high-quality
training through varied learning modes and delivered by industry experts.

CCNP Exam Information

To earn the Cisco CCNP Routing and Switching certification, you must pass the following exams:

300-101 ROUTE

This exam certifies the routing knowledge and skills of successful candidates. They are certified in using advanced IP addressing and routing in implementing scalable and highly secure Cisco routers that are connected to LANs, WANs, and IPv6.

300-115 SWITCH

This exam certifies the switching knowledge and skills of successful candidates. They are certified in planning, configuring, and verifying the implementation of complex enterprise switching solutions that use the Cisco Enterprise Campus Architecture.

300-135 TSHOOT

This exam certifies that the successful candidate has the knowledge and skills necessary to:

  • Plan and perform regular maintenance on complex enterprise routed and switched networks
  • Use technology-based practices and a systematic ITIL-compliant approach to perform network troubleshooting

 

Two Facebook WordPress Plugins Infected Zero-Day Vulnerabilities

A security firm has pointed out some zero-day vulnerabilities in Facebook WordPress plugins. Specifically, the vulnerabilities exist in the plugins ‘Facebook for WooCommerce’ and ‘Messenger Customer Chat’. Both plugins have a large number of active installations and thus pose a threat to many users. Since the researchers have also published the respective PoCs with their reports, the vulnerabilities need an urgent fix.

About ‘Plugin Vulnerabilities’ And The Facebook WordPress Plugins In Question

Researchers from the security firm ‘Plugin Vulnerabilities’ have discovered a few zero-day bugs in two Facebook WordPress plugins. Continuing their practice of disclosing WordPress plugin bugs publicly, the firm has shared details once again with the public. They have even explained in a separate blog post, that they disclose the vulnerabilities publicly for customers’ security. The requirement of having a Facebook account to report a bug to Facebook is another hindrance.

They also point out the possible negligence in reviewing WordPress plugins and question the scope of these bugs under their bug bounty program.

“Since they are both vulnerabilities in the type of code that is often involved in disclosed WordPress plugin vulnerabilities, those vulnerabilities should not have been missed if security reviews of the plugins were done… So, it seems highly unlikely that Facebook got that done with the plugins. Instead… Facebook has a bug bounty program. It isn’t clear if these plugins would fall under that or what they would even pay out any bounty.”

Well, we are not really delving into the debate of whether they are right or wrong in their practice. So, let us quickly review the vulnerabilities they discovered.

Specifically, the security firm found bugs in the ‘Facebook for WooCommerce’ plugin and the ‘Messenger Customer Chat’ plugin. The former currently has over 200,000 active installations, whereas the latter has more than 20,000.

Proof of Concept

The following proof of concept will cause the message “Proof of Concept” to be added to the bottom of web pages, when logged in to WordPress.

Make sure to replace “[path to WordPress]” with the location of WordPress.

<html>
<body>
<form action="http://[path to WordPress]/wp-admin/admin-ajax.php?action=update_options" method="POST">
<input type="hidden" name="fbmcc_generatedCode" value="Proof of Concept">
<input type="submit" value="Submit" />
</form>
</body>
</html>

CSRF Zero-Day Vulnerabilities Discovered

As stated in their vulnerability report, ‘Facebook for WooCommerce’ is one of the popular plugins for WooCommerce. The plugin page shows that it has not been tested with the last three releases of WordPress. Thus, it may be prone to compatibility issues with recent versions.

Out of curiosity, the researchers began analyzing the plugin and came up with a cross-site request forgery (CSRF) vulnerability. They found that the AJAX function ajax_update_fb_option() lacks a nonce to prevent CSRF. They have shared a proof of concept in their report.

Following this discovery, the researchers quickly analyzed another plugin and found a similar problem with ‘Messenger Customer Chat’ too. As stated in their reports, they found another CSRF vulnerability, for which they have shared the PoC as well.

Both vulnerabilities, if exploited, can allow a potential attacker to alter WordPress site options. While they may not be as dangerous as other web application vulnerabilities, their public disclosure demands an immediate fix to avoid potential threats to the users of the respective plugins.
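
A defender's check for the missing-nonce pattern described above, as an added example (not code from the researchers' reports or from either plugin): a heuristic Python scan that lists every `wp_ajax_*` handler registered in a plugin file and reports whether its body calls one of WordPress's nonce checks. The embedded PHP and all `demo_*` names are constructed for illustration; closures and handlers defined in other files are not resolved.

```python
import re

# Constructed sample plugin source (NOT the real plugins' code): one AJAX
# handler without a nonce check, one hardened with check_ajax_referer().
SAMPLE_PLUGIN = r"""<?php
add_action('wp_ajax_update_options', 'demo_update_options');
add_action('wp_ajax_save_settings', array($this, 'demo_save_settings'));

function demo_update_options() {
    // No nonce check: any cross-site POST from a logged-in browser is accepted.
    update_option('demo_generated_code', $_POST['demo_generated_code']);
    wp_die();
}

function demo_save_settings() {
    check_ajax_referer('demo_save_settings', 'nonce');
    if (!current_user_can('manage_options')) { wp_die(-1, 403); }
    update_option('demo_setting', sanitize_text_field(wp_unslash($_POST['demo_setting'])));
    wp_die();
}
"""

# WordPress functions that validate a nonce (anti-CSRF token).
NONCE_CHECKS = ("check_ajax_referer", "wp_verify_nonce", "check_admin_referer")

# add_action('wp_ajax_<name>', <callback>[, priority, args]);
HOOK_RE = re.compile(
    r"add_action\(\s*['\"](wp_ajax_(?:nopriv_)?[\w-]+)['\"]\s*,\s*(.+?)\)\s*;",
    re.S,
)


def function_body(source, name):
    """Return the brace-delimited body of PHP function `name`, or None."""
    match = re.search(r"function\s+&?\s*" + re.escape(name) + r"\s*\(", source)
    if not match:
        return None
    start = source.find("{", match.end())
    if start < 0:
        return None
    depth = 0
    # Simple brace matching; braces inside PHP strings/comments are not handled.
    for i in range(start, len(source)):
        if source[i] == "{":
            depth += 1
        elif source[i] == "}":
            depth -= 1
            if depth == 0:
                return source[start:i + 1]
    return None


def audit_ajax_handlers(source):
    """List (hook, callback, status) for each wp_ajax_* registration."""
    findings = []
    for hook, callback_arg in HOOK_RE.findall(source):
        # The callback is the last quoted name: 'func', array($this, 'method')
        # or 'Class::method'.
        names = re.findall(r"['\"]([\w:]+)['\"]", callback_arg)
        if not names:
            findings.append((hook, None, "callback not resolvable"))
            continue
        callback = names[-1].split("::")[-1]
        body = function_body(source, callback)
        if body is None:
            status = "handler body not found in this file"
        elif any(check in body for check in NONCE_CHECKS):
            status = "nonce check present"
        else:
            status = "NO nonce check"
        findings.append((hook, callback, status))
    return findings


if __name__ == "__main__":
    for finding in audit_ajax_handlers(SAMPLE_PLUGIN):
        print(finding)
```

A handler flagged "NO nonce check" is a candidate for manual review, not proof of a vulnerability; a nonce check only helps if the handler also verifies the user's capability, as the second sample handler does.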

Tor Browser 8.5.2 Update With Fixed Critical Zero-day

This latest critical zero-day vulnerability was recently reported to Mozilla by Samuel Groß, a member of Google Project Zero.

Attackers actively targeted the discovered JavaScript type confusion vulnerability, which leads to an exploitable crash. Users are requested to update to the new version immediately to protect themselves from this zero-day vulnerability.

The bug doesn’t affect Tor users who were running at the safest security level. Unfortunately, the release is not available for the Android version, as the development team is unable to access the Android signing token.

Android users are advised to use Tor with the safer or safest security level. You can change the security level under Security Settings.

Changelog For Tor Browser 8.5.2

  • Pick up a fix for Mozilla’s bug 1544386
  • Update NoScript to 10.6.3

Tor Browser 8.5.1 was released for Windows, Linux, Mac and Android earlier this month. It is the first bug fix release in the 8.5 series.

Download Tor Browser 8.5.2 from the Tor Browser download page and distribution directory.

The Android version is available from Google Play

Kippo–SSH Honeypot

FEATURES OF KIPPO SSH HONEYPOT

INTERESTING FEATURES:

  • Fake filesystem with the ability to add/remove files. A full fake filesystem resembling a Debian 5.0 installation is included
  • Possibility of adding fake file contents so the attacker can ‘cat’ files such as /etc/passwd. Only minimal file contents are included
  • Session logs stored in a UML-compatible format for easy replay with original timings
  • Just like Kojoney, Kippo saves files downloaded with wget for later inspection
  • Trickery; ssh pretends to connect somewhere, exit doesn’t really exit, etc

REQUIREMENT OF KIPPO SSH HONEYPOT

BASIC SOFTWARE REQUIREMENT:

  • An operating system (tested on Debian, CentOS, FreeBSD and Windows 7)
  • Python 2.5+
  • PyCrypto
  • Zope Interface
  • Twisted 8.0 to 15.1.0

HOW TO CLONE WITH GIT ON LINUX

$ git clone https://github.com/desaster/kippo.git

How to run KIPPO SSH HONEYPOT?

Edit kippo.cfg to your liking and start the honeypot by running:

./start.sh

start.sh is a simple shell script that runs Kippo in the background using twistd. Detailed startup options can be given by running twistd manually. For example, to run Kippo in foreground:

twistd -y kippo.tac -n

By default KIPPO HONEYPOT listens for ssh connections on port 2222. You can change this, but do not change it to 22 as it requires root privileges. Use port forwarding instead.

INTERESTING FILES IN KIPPO HONEYPOT:

  • dl/ – files downloaded with wget are stored here
  • log/kippo.log – log/debug output
  • log/tty/ – session logs
  • fs.pickle – fake filesystem
  • utils/playlog.py – utility to replay session logs
  • utils/createfs.py – used to create fs.pickle
  • honeyfs/ – file contents for the fake filesystem – feel free to copy a real system here

Prithvi – A VA/PT(SECURITY ASSESSMENT) Report Generation Tool

WHAT IS PRITHVI – REPORT GENERATION TOOL

Prithvi is a free, easy-to-use report generation tool made specifically for security assessments. It generates high-quality vulnerability assessment reports for security controls. It has various features and is built mainly for security assessment work. You can easily find security vulnerabilities in a report.

Advantages of PRITHVI VA/PT REPORT GENERATION tool

Prithvi is used to generate security assessment reports and can be modified based on your requirements, so it can also be used for other kinds of report generation.

It includes the following features:

  • We can add multiple projects and add vulnerabilities in each project.
  • We can add the number of occurrences with proof of concept.
  • To track the ongoing projects, we can also add tracking data for better understanding.
  • We can generate the project report as well as the tracking report.
  • OWASP data is provided, such as vulnerabilities, details, and recommendations for vulnerabilities.
  • It has both the web and mobile version data of OWASP 2017.
  • Prithvi is easy to use.
  • Prithvi is free to use.
  • Prithvi is available for Windows as well as Mac.

HOW TO USE PRITHVI:

  • Start the application.
  • Add new project and fill the details.
  • Add vulnerabilities in the project and fill the details.
  • Right click on your project in Prithvi, click on generate the report.
  • If you need a tracking report, click on the tracking tab.
  • Add tracking details and save it.
  • Now click the report in the menu and click generate tracking report in the submenu.
  • After clicking the tracking report provide the necessary details like project, date and click on the search button.
  • Then click generate the report in the right corner.

System Requirements:

Operating Systems  Mac OSX(64bit), Windows(64bit & 32bit)

RAM  Minimum Usage 4GB of available memory

Storage  10GB of available disk space

SAMPLE REPORT GENERATED FROM PRITHVI

DOWNLOAD PRITHVI

Terminus – A Terminal For A More Modern Age

Terminus is a highly configurable terminal emulator for Windows, macOS and Linux. Its features include:

  • Theming and color schemes
  • Fully configurable shortcuts
  • Split panes
  • Remembers your tabs
  • PowerShell (and PS Core), WSL, Git-Bash, Cygwin, Cmder and CMD support
  • Integrated SSH client and connection manager
  • Full Unicode support including double-width characters
  • Doesn’t choke on fast-flowing outputs
  • Proper shell experience on Windows, including tab completion

Plugins:

Plugins and themes can be installed directly from the Settings view inside Terminus.

  • clickable-links – makes paths and URLs in the terminal clickable
  • shell-selector – a quick shell selector pane
  • title-control – allows modifying the title of the terminal tabs by providing a prefix, suffix, and/or strings to be removed
  • quick-cmds – quickly send commands to one or all terminal tabs
  • save-output – record terminal output into a file
  • scrollbar – adds a scrollbar to hterm tabs

CELLEBRITE FORENSIC COMPANY can hack into Apple’s iOS 12.3 and latest Android phones.

Your iPhone XS and Galaxy S9 are likely vulnerable to this new hacking tool

Israel-based Cellebrite made the announcement on an updated webpage and through a tweet, in which it claims it can unlock and extract data from all iOS devices (iOS 12.3 and below) and “high-end Android” devices.

The tool is named the Universal Forensic Extraction Device and its latest iteration – UFED Premium – will be available to law enforcement for use in gaining access to locked devices.

On the webpage describing the capabilities of its Universal Forensic Extraction Device (UFED) Physical Analyzer, Cellebrite said it can “determine locks and perform a full file-system extraction on any iOS device, or a physical extraction or full file system (File-Based Encryption) extraction on many high-end Android devices, to get much more data than what is possible through logical extractions and other conventional means.”

The iPhone Xr and Xs models (based on the A12 SoC) are harder to break because password recovery for them always runs at BFU speed.

In general, iOS devices are very well protected, while some Android devices provide an even better level of security.

To protect your smartphone, we recommend the following:

  • Use at least a 6-digit passcode
  • Make the passcode complex
  • Enable USB restricted mode
  • Know how to activate it (S.O.S.)
  • Best of all, use an iPhone Xr or Xs model or newer

The key benefits of the tool’s iOS data extraction are listed as being able to determine passcodes and perform unlocks for all Apple devices, sophisticated algorithms to minimize unlock attempts, and the ability to perform a forensically sound full file-system extraction.

Much the same is listed among the benefits for Android, with the addition of extracting unallocated data to maximize recovery of deleted items.

KNOX was the last phone hack to gain a significant amount of attention. This time it wasn’t a hacking tool being offered around but a security researcher who uncovered a potential security flaw ripe for exploitation.

The hack exploited a security service on Samsung phones named Knox, which was introduced many moons ago on the Galaxy S4. The hack would enable infiltrators to completely incapacitate any Samsung phone, usually described as bricking.

FIREFOX Zero-day BUG Let Hackers Take Full Control of Your System – Update Your FireFox Now

If you are using Firefox web browser, you need to update it as soon as possible.

Mozilla released a security update for a critical zero-day vulnerability, which is fixed in the new versions Firefox ESR 60.7 and Firefox 67.0.3.

Discovered and reported by Samuel Groß, a cybersecurity researcher at Google Project Zero, the vulnerability allows attackers to remotely execute arbitrary code on machines running unpatched old Firefox versions and take full control of the system.

Various exploit attempts have been identified, with attackers targeting vulnerable old versions of Firefox to exploit this critical zero-day vulnerability.

The flaw has been labeled as a type confusion vulnerability in Firefox that can result in an exploitable crash due to issues in Array.pop which can occur when manipulating JavaScript objects.

CVE-2019-11707

The vulnerability, identified as CVE-2019-11707, can affect any user who runs Firefox on desktop (Windows, macOS, and Linux), whereas Firefox for Android, iOS, and Amazon Fire TV are not affected by this vulnerability.

UPDATE YOUR FIREFOX VIA FOLLOWING LINKS:

All Firefox users are urged to update to the new version immediately to protect themselves from this zero-day exploit and keep their systems safe and secure from hackers.
