
Security on shipped Hak5 items


radi


Hey,

I just read an article that the NSA stops shipments which contain network equipment to install spyware.

This German article (http://www.heise.de/newsticker/meldung/NSA-manipuliert-per-Post-versandte-US-Netzwerktechnik-2187858.html) is speaking of Cisco routers, but I guess that a WiFi Pineapple is a nice target too.

So since my WiFi Pineapple has been shipped (internationally) I wonder if there is a way to make sure that there is nothing on my Pineapple that isn't supposed to be there. Is there a way to install something flash-proof on a Pineapple?

Thanks in advance.

Link to comment
Share on other sites

Think of the effort that this would require to be done on all network equipment and the level of secrecy that would be required. They may do this on some select bits of kit that are sent to select targets but to do this on a large scale and then to do it on something as relatively insignificant as the Pineapple is something I'd say is never going to happen.

Link to comment
Share on other sites

Simple answer: no. They are the NSA, if they want to do something then they will. If you come up with a software solution they would just go to hardware; would you be able to recognise it if they swapped out a chip?

You might be able to protect it by embedding the whole device in tamper proof resin or whatever they use but again, it is the NSA, I'm sure they can get around even those protections.

But, before anyone panics, think of who they are and who they go after and think of yourself, are you doing anything that they would go to the trouble of caring about you for?

Link to comment
Share on other sites

Story time!

A coworker of mine, 'Stan', ran a red team at the datacenter my employer operated and one of his subjects had, in his spare time, done a complete audit of all the software he had running on his system. Stan congratulated him on his accomplishment and then asked "but does the compiler now produce the proper assembly?" since the guy only audited the source code for flaws but never thought to check if the compiler didn't introduce new flaws.

Before the guy set out to do another massive audit, this time focussing on the inner workings of gcc, Stan also quickly asked 'and don't forget to verify that the storage controller actually writes the bytes you want to the harddisk!'

At that point the guy saw the light and gave up. At some point you simply have to trust that things are on the up-and-up since you can't verify everything yourself, even when everything you use is openly accessible to you, which most of the time it's not.

Intel CPUs can receive updates to their microcode. Did you check to see if that didn't involve keylogging capability or something? Of course not! But it's a distinct possibility for a determined attacker to do so.

The thing to remember is that if any of the 3-letter agencies are out to get you, you'd expect them to and there's not a whole lot you can do about it.

Link to comment
Share on other sites

If you are concerned about any potential spyware dialing home, set up a passive tap and Wireshark and monitor the traffic between your Pineapple and your internet connection, and watch what IPs are going out.

This would be good to do on other things and software.

About two years ago I had to install a BTR board (behind tape reader) on an old production machine on the floor (1970s technology); this is used to create a serial port on machines that had a paper tape reader only. Yes, I know, holding together a communication system with band-aids and bubblegum...

Anyway, the software that drives it had to be purchased, which we did, but as it was locked to the PC, what would happen when the PC failed (which it did two weeks ago)? If we couldn't get a new license, we would be crippled.

My solution: I fired up IDA Pro and looked at the license system in the assembly code.

What I found was that while it wasn't too hard to bypass, it had a failsafe that dialed home if it detected that the licensing system was bypassed.

The point I am trying to make is I'd be more concerned about other software, as it is easier to install spyware than intercepting hardware.

Link to comment
Share on other sites
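
The passive-tap check suggested in the post above, as an added example that is not part of the original thread: a script that takes per-packet rows exported from a capture on the tap and lists the public destinations the device itself contacted that are not on an expected list. The row format, the device address and every address in the sample are constructed assumptions, not observations from a real Pineapple.

```python
import ipaddress
from collections import defaultdict

# Constructed sample: "src<TAB>dst<TAB>dst_port<TAB>bytes", one row per packet,
# as could be exported from a capture taken on the tap.
SAMPLE = (
    "172.16.42.1\t192.0.2.10\t443\t1500\n"
    "172.16.42.1\t192.0.2.10\t443\t900\n"
    "172.16.42.1\t172.16.42.55\t22\t120\n"     # LAN traffic, ignored
    "172.16.42.1\t198.51.100.7\t8080\t64\n"
    "172.16.42.1\t198.51.100.7\t8080\t64\n"
    "203.0.113.9\t172.16.42.1\t51000\t400\n"   # inbound, ignored
    "172.16.42.1\t224.0.0.251\t5353\t80\n"     # multicast, ignored
    "garbled line\n"                           # malformed, skipped
)

# Explicit RFC 1918 list: ipaddress' is_private would also match the
# documentation ranges used as stand-ins for public hosts in SAMPLE.
LOCAL_NETS = [ipaddress.ip_network(n)
              for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def unexpected_destinations(rows, device_ip, expected_nets):
    """Return {dst: {"packets", "bytes", "ports"}} for non-local hosts the
    device sent traffic to that fall outside expected_nets."""
    device = ipaddress.ip_address(device_ip)
    expected = [ipaddress.ip_network(n) for n in expected_nets]
    found = defaultdict(lambda: {"packets": 0, "bytes": 0, "ports": set()})
    for row in rows.splitlines():
        parts = row.split("\t")
        if len(parts) != 4:
            continue  # skip malformed rows instead of aborting the run
        try:
            src = ipaddress.ip_address(parts[0])
            dst = ipaddress.ip_address(parts[1])
            port, size = int(parts[2]), int(parts[3])
        except ValueError:
            continue
        if src != device:
            continue  # only traffic the device under test originated
        if dst.is_multicast or any(dst in net for net in LOCAL_NETS):
            continue
        if any(dst in net for net in expected):
            continue  # e.g. update or time servers you chose to allow
        entry = found[str(dst)]
        entry["packets"] += 1
        entry["bytes"] += size
        entry["ports"].add(port)
    return dict(found)

if __name__ == "__main__":
    print(unexpected_destinations(SAMPLE, "172.16.42.1", ["192.0.2.0/24"]))
```

A device that only talks when triggered will not show up in a short capture, so the tap needs to run across reboots and idle periods for an empty result to mean much.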

  • 4 months later...

Hi everyone, I just joined the forums so this is my first post. Hoping nobody minds that I brought back an old thread, but I found it very interesting. The tracking info on 2 different packages that I ordered from Hak5 seemed to change in mid-route, both packages were supposed to be delivered today (according to the tracking numbers yesterday), but now the tracking info is saying they won't be delivered for a couple more days. Normally that alone wouldn't bother me so much, but apparently they still haven't left California yet. In fact, I looked on a map to see where the packages are according to the names of the cities in the tracking information, and the packages seem to have only travelled a grand total of about 13 and a half miles from the Hak5 warehouse since the time that I ordered them a few days ago. (It's not even a weekend, that's gotta be some kind of record.)

Most of the people here seem to be under the impression that the NSA only targets criminals, but I think Edward Snowden would disagree with that idea. Besides, I'm pretty sure that things like WiFi Pineapples and USB Rubber Duckies would attract their attention anyway, I mean if I were the NSA I would probably want to intercept hacking/pentesting gear too. But obviously the NSA can't intercept every package... So why would mine be any different than Trolljegeren's international package which apparently arrived in 3 days? And what should I do with it when it gets here? I'm not so sure if it would be a good idea to use an NSA-modified Pineapple to secure my network. That would be a bit like using a burglar-modified lock to secure your home.

Link to comment
Share on other sites

Simple question, do you think that anything you are doing is of enough interest to the NSA for them to go to the effort of intercepting your package then monitoring what you do with it?

If you do then you've got a lot more to worry about than a modified pineapple.

If you don't then put it down to shipping problems and don't worry about it.

Link to comment
Share on other sites

Let's think logically here. The NSA is simply not large enough to have every package bugged. And even if that was the case, chipping off a chip from the board and replacing it would 1) have to be completely compatible, and 2) it's damn near impossible. Hell, I know that the FBI, when they do chip-off on a mobile phone, they don't even put the parts back on because it's, for all practical purposes, impossible. It takes a technician anywhere from 8 hours to DAYS to get a removed chip to even read on the proper components. And the transfer rate after you get it just to connect is super slow as well. No attempt is even made to put that chip back on because it's done with computers at manufacturing. If you are off by the smallest amount, the ball grid array will not line up and it won't work at all.

Let's not forget that the NSA doesn't tap local devices. Since when did they take all of America's (possibly foreign) phones to get their call info? Oh wait, they didn't, because they got it in transit. The same goes for your internet traffic. There was a talk at HOPE X about the two programs used for domestic and foreign surveillance.

Bottom line, don't let your paranoia get the best of you.

Link to comment
Share on other sites

Yes, it's probably just shipping problems. After all, why would the NSA want to intercept something so innocent and unassuming as a machine that specializes in hacking other machines? It's probably my fault, I must be some kind of bad guy if they think I'm important enough for them to use some of their enormous and completely justifiable budget to do those things that they do. I'm sure they would have no motives at all to install any backdoors or trojans in any computer systems. And the NSA must surely think that Americans are off limits because the NSA is America's public servant, I know it because they said so. It would just be silly of me to think that they had some kind of agenda because Uncle Sam has always known what's best... I should just take my medication and get back to work on designing the most impenetrable tin foil hat ever.

Link to comment
Share on other sites

The only reason the NSA (or similar EEEEEVIL organisation) would want to intercept your Pineapple/ducky would be to modify it in an attempt to attack you. Do you think you did something significant enough to warrant this much attention from such an agency?

If they wanted to inspect your Pineapple, they should've just bought one as it'll be cheaper and involve rather a lot less red tape since your Pineapple (presumably?) isn't any different from the one the rest of us got when we bought ours.

If they wanted to monitor what you're doing with a Pineapple, it doesn't make a lot of sense to intercept the Pineapple since chances are the first thing you'll do when you get it is replace the sd card with one that can store more than a groceries list and flash it to the very latest version. Anything they'd do would likely be thwarted by those 2 things. And again, simply putting a tap on your phone line and internet connection and maybe get someone to keep an eye on you for a bit would probably give them more information about you than trying to dick around with a tool you just bought.

To summarise: DON'T PANIC! :lol:

Link to comment
Share on other sites

If I were going to put malware on the pineapple I'd put it in the boot loader because that doesn't get changed between firmware flashes and would give you persistent access to the box.

Link to comment
Share on other sites

Let's look at it a different way, the Pineapple is mass produced, almost off the shelf hardware, if they wanted to target everyone who bought a Pineapple then they would have to take into consideration that people like you might notice delays in shipping and get paranoid about why it is late so they have two options that can get round that.

First, they trojan them in the factory, I don't know if it is in China or Korea but I'm sure if they wanted to they could get something modified in some bit of hardware that would end up on every device. This way they don't touch the supply chain on the Hak5 to buyer side. Here there are no delays in shipping and you'd never know what happened.

Second, they buy a bunch, pre-hack them and then when you buy one they simply open your package, swap it out, and then send it on its way. This introduces a delay but only enough time to open the package and replace the contents. If they are as powerful as you expect then this is a 5 minute operation and again, no shipping delays.

Both of these options would cost a reasonable amount of money with a lot of it being completely wasted on pre-owning a device that sits in someone's home office and does no more than hack their own home connections. Also, due to the amount shipped, there is a good chance that some are being used by highly technical people who do look at things down to the hardware level and might notice interference. If this happened then their monitoring is blown and they end up with egg on their face again which in the current climate would be quite a big, bad, blow.

The alternative is they know who they are targeting and if one of those people buys a Pineapple then they do a silent intercept and swap out that single device, they do it with total stealth and the person is none the wiser.

If they want to do mass surveillance then, as already said, they have much easier ways to do it.

Link to comment
Share on other sites
