Ben Tasker's Blog

Cynet 360 Uses Insecure Control Channels

For reasons I won't go into here, recently I was taking a quick look over the "Cynet 360" agent, essentially an endpoint protection mechanism used as part of Cynet's "Autonomous Breach protection Platform".

Cynet 360 bills itself as "a comprehensive advanced threat detection & response cybersecurity solution for for [sic] today's multi-faceted cyber battlefield". 

Which is all well and good, but what I was interested in was whether it could potentially weaken the security posture of whatever system it was installed on.

I'm a Linux bod, so the only bit I was interested in, or looked at, was the Linux server installer.

Read more ...

Writing (and backdooring) a ChaCha20 based CSPRNG

Recently I've been playing around with the generation of random numbers.

Although it's not quite ready yet, one of the things I've built is a source of (hopefully) random data. The writeup on that will come later.

But an interesting distraction (and, in some ways, the natural extension) is to then create a Pseudo Random Number Generator (PRNG) seeded by data from that random source.

I wanted it to be (in principle) Cryptographically Secure (i.e. so we're creating a CSPRNG). In practice it isn't really (we'll explore why later in this post). I also wanted to implement what Bernstein calls "Fast Key Erasure" along with some techniques discussed by Amazon in relation to their S2N implementation.

In this post I'll be detailing how my RNG works, as well as looking at what each of those techniques do to the numbers being generated.

I'm not a cryptographer, so I'm going to try and keep this relatively light-touch, if only to try and avoid highlighting my own ignorance too much. Although this post (as a whole) has turned out to be quite long, hopefully the individual sections are relatively easy to follow.

 

Read more ...

Recovering files from SD Cards and How to protect yourself

I was working on writing this up anyway, but as the UK Government's lawyers have recommended weakening protections around Police's ability to search phones, I thought today might be a good day to get a post up about the protection of content on SD cards.

 

I never seem to have a micro-SD card to hand when I need one, they're generally all either in use or missing.

I tinker with Raspberry Pis quite a lot, so I ordered a job lot of used micro-SDs from eBay so that I could just have a pot of them sat there.

I thought it'd be interesting to see how many of the cards had been securely erased, and by extension what nature of material could wind up being restored off them.

Part of the point in this exercise was also to bring my knowledge of recovery back up to date, although I've done it from time to time - I've not really written anything on it since 2010 (An easier method for recovering deleted files on Linux, and the much earlier Howto recovered deleted filenodes on an ext2 filesystem - yes, that old that it's ext2!).

In this post I'll walk through how I (trivially) recovered data, as well as an overview of what I recovered. I'll not be sharing any of the recovered files in any identifiable form - they are, after all, not my files to share.

I'll also detail a few techniques I tested for securely erasing the cards so that the data could no longer be recovered.

Read more ...

The Pitfalls of Building an Elasticsearch backed Search Engine

There are a ton of articles on the internet describing how to go about building a self-hosted fulltext search engine using ElasticSearch.

Most of the tutorials I read describe a fairly simple process, install some software, write a little bit of code to insert and extract data.

The underlying principle really is:

  1. Install and set up ElasticSearch
  2. Create a spider/crawler or otherwise insert your content into Elasticsearch
  3. Create a simple web interface to submit searches to Elasticsearch
  4. ???
  5. Profit

At the end of it you get a working search engine. The problem is, that search engine is crap.

It's not that it can't be saved (it definitely can), so much as that most tutorials seem not to lend any thought to improving the quality of search results - it returns some results and that's good enough.

Over the years, I've built up a lot of internal notes, JIRA tickets etc, so for years I ran a self-hosted internal search engine based upon Sphider. Its code quality is somewhat questionable, and it's not been updated in years, but it sat there and it worked.

The time came to replace it, and experiments with off-the-shelf things like yaCy didn't go as well as hoped, so I hit the point where I considered self-implementing. Enter ElasticSearch, and enter the aforementioned Internet tutorials.

The intention of this post isn't to detail the process I followed, but really to document some of the issues I hit that don't seem (to me) to be too well served by the main body of existing tutorials on the net.

The title of each section is a clicky link back to itself.

Read more ...

(Hopefully) Rescuing a bottle of drink

With the change in weather, I'm having to take painkillers a lot more regularly, which means I can't drink.

I thought, as an option, I'd explore some non-alcoholic spirits - there seems to be quite a market for them, so there must be some good ones out there.

I did have some luck in finding some "gin". However, whilst searching, I stumbled upon "Xachoh Blend No. 7 Non Alcoholic Spirit", which lists the following tasting notes

Xachoh Blend No. 7 has a warm and richly spiced aroma. The prominent flavours of ginger root and blades of mace strike a perfect blend of warmth, spice and a subtle fruitiness. The luxurious aroma of cinnamon quills brings sweetness to the nose and palate, balancing perfectly with saffron & the other spices. Dark crystal malt adds delicious toasted notes and a real depth of flavour, similar to that of a well-aged dark spirit. All of these rich and dark flavours are balanced by a refreshing acidity of sumac on the palate, leaving the way for a long finish and an eagerness for that next sip.

Sounds good eh? As with anything on Amazon, reviews were incredibly mixed, some love it, some hate it.

So, as it sounded good, I took a risk and ordered a bottle.

It arrived this morning:

 

So having been looking forward to its arrival, I had a little taste.

It's got a nice and very varied aroma to it. But things go downhill once you get it to your mouth - if it was just a little less watery, I'd probably be looking to add Ribena to it. 

Disappointing doesn't cover it, the only trace of flavour it has is a somewhat unpleasant aftertaste. Unfortunately, if you mix it with ginger ale, it transpires that all you get is ginger ale with a horrendous aftertaste.

The answer for why lies on the back label (and in fairness *is* listed on the Amazon listing)

Free from:

  • Alcohol
  • Extracts
  • Gluten
  • Sugar
  • Calories
  • Sweeteners

With the exception of a tiny bit of salt, the nutritional information is just 0's. This stuff is literally water with some Barley Malt and a few flavourings.

It's "natural", it's Gluten Free, it's vegan, it's... it's fucking shit and it's destined for the drain. Yuck.

But, rather than pour a £30 bottle of water down the drain, I thought I'd have a go at improving it first - worst comes to worst I'm just pouring a slightly more expensive bottle of water down the drain, and it's not like I could realistically make it much worse.

As I'm extremely unlikely to try making this again, and there's not a lot of room there for snark, I figured this was better placed here than on my recipes site.

Read more ...