Bad Memories

Presented at DEF CON 18 (2010), July 30, 2010, 6 p.m. (50 minutes)

No matter which kind of cryptography you are using to defend your network, , sooner or later to make it work you will have to store somewhere a password, a key or a certificate. If the attacker is able to tampers with its storage mechanism then even the strongest encryption mechanism became irrelevant. In this talk we will present Tapjacking attacks which abuse smartphone features to create more efficient clickjacking attacks. We also show how to attack storage mechanisms to tampers with SSL session and break into Wifi network that use WPA encryption. For SSL we will show how to exploit warning inconsistency and caching mechanisms to trick the user into accepting a bad cert and gets his credential stolen. For Wifi network we will demonstrate how to use clickjacking, CSRF, and XSS to steal from routers the two pieces of information that an attacker needs to geo-localize and break into it, namely the WPA key and the mac address. Finally we will discuss how to discuss what frame busting defense are used by the Alexa top 100 website and how we were able to break them using standard and not so standard tricks. We also demonstrate how to use Paul Stone scrolling attack in novel ways. This is joint work with Dan Boneh and Collin Jackson.

Presenters:

• Gustav Rydstedt - Stanford University Student
  Gustav Rydstedt is a student at the Stanford Computer Security Lab focusing on web and mobile devices security.
• Baptiste Gourdin - Stanford University Student
  Baptiste Gourdin is a student at the Stanford Computer Security Lab focusing on web and mobile devices security. He holds an Engineering in computer systems, networks and security.
• Panel
• Elie Bursztein - Stanford University
  Elie Bursztein is a researcher at the Stanford Computer Security Lab. He holds a PhD in computer science and an Engineering degree in computer systems, networks and security. His research focus is offensive technologies, mobile and web security. He enjoy applying game theory, machine learning and data mining techniques to security.

Links:

• https://defcon.org/html/defcon-18/dc-18-speakers.html#Bursztein
• https://infocon.org/cons/DEF CON/DEF CON 18/DEF CON 18 video and slides/DEF CON 18 - Elie Bursztein and Panel - Bad Memories - Video and Slides.mp4 (Video and Slides)
• https://www.youtube.com/watch?v=UaOFMLqxxko

Similar Presentations:

• HOPE Number Six (2006) / Privacy through Technology: A Hands-On
• Black Hat USA 2010 / Bad Memories
• 33C3 (2016) / Lockpicking in the IoT: ...or why adding BTLE to a device sometimes isn't smart at all