News

8/25/2011

At Positive Hack Days, specialists of the Positive Research Center presented the results of the DNS Rebinding vulnerability research.

The results finally showed how the attack can be carried out in practice. The experts demonstrated new vectors for the DNS Rebinding attack, also known as AntiDNS Pinning. In this attack, a user's browser acts as a mediator between the attackers and the target network, which allows attackers to conduct attacks against virtual infrastructures. Notably, it is not the virtual machine management infrastructure that suffers from the attack but the users' and administrators' workstations, which are usually far less protected than servers. DNS Rebinding lets attackers interact with internal systems from within the internal network of the target company, which makes the attack much easier. Though most browsers nowadays are protected against such attacks, the protection is not always effective and can be bypassed.

The research conducted by Positive Technologies used real cases to demonstrate attacks against corporate networks and virtualization systems, network equipment and means of protection. It thoroughly covers the tools for exploiting the vulnerability, as well as the ways to bypass existing restrictions. The authors also reviewed methods of protection against this attack and related attacks. At present, the companies in which the vulnerability was detected are cooperating with the experts of Positive Technologies to eliminate the defects.

5/31/2011

At PHD, contestants hacked the latest version of the Safari browser for Windows

According to the author of the exploit, Nikita Tarakanov, Chief Technical Officer at CISSRT (a company that conducts software security research), to hack the browser he and his colleagues created a special web page containing a link to a potentially malicious script. A click on the link launches the script automatically, and the script, in turn, starts the calculator. There were several applications to participate in the contest, but only the CISSRT solution really worked and proved to be original. Nikita Tarakanov says that under Mac OS X the Safari vulnerability causes only an emergency shutdown of the browser. However, this is not evidence of a higher security level in Mac OS X: the vulnerability cannot be exploited properly there because of the difference in the way the two operating systems work with memory. The winner was awarded a prize, a Toshiba laptop with Safari installed. Earlier, Safari had been hacked by participants of the CanSecWest security conference in Vancouver, Canada, in March 2011.

5/30/2011

Results of Positive Hack Days

The Positive Hack Days forum gathered a variety of representatives of the information security industry. By estimates, the forum was visited by more than 500 people, including representatives of government agencies, technical specialists, top managers in the IT industry, independent experts, and hackers. Two programs were conducted simultaneously: a business program, which included seminars and master classes, and a hacking contest program. The organizers sum up the preliminary results.

PHD CTF Contest

The forum included the PHD CTF open international information security contest. Ten teams from Russia, the USA, India, and Europe spent 8 hours protecting their networks and attacking the networks of their rivals. A number of vulnerabilities that exist in modern information systems (e.g., SCADA systems) had been prepared for the contest. The aim of the contestants was to detect vulnerabilities, fix them on their own servers and exploit them to obtain sensitive information from the competing teams. According to the results of the contest, the PPP team (Pittsburgh, USA) won by a wide margin and was awarded 5 thousand dollars.

One of the PPP members said, "It's not our first experience of participating in a CTF contest, but in the PHD CTF it was the first time when we were not only to attack other teams' resources, but also to protect our own resources. We will be glad to take part in the contest the next year."

Second and third places were taken by the Russian teams Leet More (Saint Petersburg) and HackerDom (Yekaterinburg).

Boris Simis, Business Development Director at Positive Technologies, noted, "The PHD CTF is the first contest of such scale, conducted in Russia. Whereas in USA, Canada and Europe similar contests have been held for a very long time. It is connected with the fact that the first place was taken by the team from the USA, the country where information security issues are taken very seriously. We are sure that it was interesting for Russian participants of the PHD CTF to contend with foreign teams, and we are happy to welcome everybody the next year."

Contest Program

Hacking Safari

The forum included specific hacking contests. In the laptop hacking contest, specialists were able to detect a so-called zero-day vulnerability (a vulnerability which was not known before) and exploited it to demonstrate that the latest version of the Safari web browser for Windows can be hacked. The contest was won by the CISSRT information security specialists.

Hacking iPad

In the analogous contest, the participants formally failed to hack an iPad, because the program they had written to exploit a software vulnerability (the exploit) did not work stably. Nevertheless, the CISSRT specialists proved the existence of the vulnerability in the mobile version of Safari during the qualification round of the contest, and the failure during the contest itself was due only to the difficulties with the exploit.

Too Drunk to Hack

The "Too Drunk to Hack" contest was held at the end of the contest program. The participants were invited to hack a copy of the forum website www.phdays.com. For each mistake, a contestant had to drink 50 grams of tequila. Russian and foreign guests of the forum who were of full legal age took part in the contest. Vladimir Vorontsov, information security expert at onsec.ru, became the winner. After six mistakes he managed to find all the required vulnerabilities.

Fox Hunting

In this contest, the contestants had to find a wireless access point that was constantly moving around the venue during the whole day. It is remarkable that one of the contest winners was a young lady.

To Hack in 900 Seconds

The participants had to successively hack network equipment (switches) in 6 stages. The contestants actively used the hints provided by Alexey Lukatsky, the representative of Cisco Systems. The winner of the contest is a participant with an ambiguous nickname "003".

The organizer of the contest program and Positive Technologies expert Dmitry Evteev commented, "The specialists that took part in the contests were very good, they coped with many challenging problems. It should be noted, that some tasks were too difficult for the participants, but it was rather due to general tiredness, accumulated during the day of informative program of the forum. Generally, I'm glad that the level of training of Russian specialists is no worse than the level of the foreigners."

Business Program

Leading specialists of the Russian IT market from Kaspersky Lab, Cisco Systems, RISSPA, the Federal Service for Technical and Export Control, Rostelecom, VimpelCom, etc. presented their reports at technical and business workshops. The participants discussed such topics as cybercrime and cyberwar, the security of wireless networks and remote banking systems, DDoS, WikiLeaks and sensitive information disclosure, and the Information Society program. Technical specialists took part in master classes of various levels conducted by distinguished experts in vulnerability detection and security analysis of various information systems.