Health Hacking: Sitting is Bad, Get Healthy!

Friday, May 29, 2015

We are living in an era where most professionals whether computer consultants or doctors use computers on a daily basis. Most computers are in an office which in turn introduces long periods of sitting. Sitting for long periods of time has proven to be a contributor to bad posturing, weight gain, diseases and shortening the length of our lives!. This is serious stuff, but not to worry!

In this blog post I'll be taking a step away from traditional tutorial posts to inform you just how bad sitting for long periods of time really is and what we can do to improve the situation! Let's jump right in!

Why is sitting so bad?

Research from the British Journal of Sports Medicine has shown that sitting down for long periods of time is known to cause diseases such as heart disease, cancer, diabetes, obesity and even strokes! How so?

By sitting for long periods of time, we reduce our telomeres, which are in charge of cell longevity. When our telomeres get shorter, it damages our cells thus affecting their life span which then increase one's chances for diseases and a shorter life span. Serious stuff!

Check the TED video below for more information.

Get Healthy!

Researchers believe that standing up and moving around periodically increases the chances of a longer and healthier life. These facts are often forgotten due to busy work schedules/lives. However, there is a solution! In order to help myself and others I've made a free, lightweight web application to remind one to get up and stretch periodically! Enter Get Healthy!

The Get Healthy! application was made to remind users to get up, stretch and take a break. Just set your reminder time (15 or 30 minutes) and wait. When the time comes the application will play a sound and flash the title screen to remind one that it is time for a stretch. The application will also display a random stretch/exercise to do.

Apart from taking periodic breaks to move around, it is recommended to invest in a stand up desk. Stand up desks are getting relatively cheaper and more common in the industry. In terms of chairs, why not ditch the traditional office chair and get a medicine ball? Medicine balls are also becoming more common and do a great job at building your core muscles while you're sitting down.

Well, that's it! Hope you guys learned something! Feel free to try the application out here and give some feedback as well as any features you would like included in the next revision. Remember not to sit down too long, stay active and get healthy!

Performing an Evil Twin Attack with a Router

Thursday, February 5, 2015

An evil twin is a common attack vector in any environment where wireless access is available. The attack consists of an attacker spoofing an access point to look as legitimate as its counterpart in attempts to harvest credentials.

With that being said let's take a look at how to set up an evil twin access point in an WPA2 Enterprise environment.

What you'll need:

Please remember, this is solely for educational purposes. 
The techniques mentioned below are not to be used for malicious purposes outside of a controlled research environment.

Why do we need a router?

We need a router because we are using the old school method! Scripts like hostapd-wpe or lootbooty can configure and perform the evil twin attack and much more with the presses of a few buttons. However, if you'd like to learn the fundamentals this is a great tutorial. I'm actually making this tutorial because I didn't find any on the web specifically with a physical router involved. I had to resort to this solution recently at a client site due to some unforeseen complications so I definitely recommend reading and trying out this tutorial. It could come in handy!

Setting up the Evil Twin

Since we're going to be intercepting enterprise communications we must first set up a radius server. We will be using freeradius-wpe in this example. Once we set up our radius server on kali then we will configure our access point/router appropriately and should be all set!
  1. Download freeradius-wpe to your Kali Linux virtual machine (vm). I will be using free radius 2.1.12 in this example.
  2. Download the freeradius-wpe patch.
  3. Untar the download:
  4. Change directory into the freeradius-server folder and apply the patch: 
  5. Configure, make and install:
  6. Make the certificates:

Great! We're now done with the radius server set up. To test it out run the radiusd -v command. Regardless of what version you installed, the output should look similar to the one below.

Alright. Now that we can confirm that our radius server installed correctly, let's make some changes to the configuration file.
  1. Let's change directories to the location of the configuration files: cd /usr/local/etc/raddb/
  2. Open radiusd.conf with your favorite editor and ensure that eth0 is uncommented. I've included a snippet of what this setting looks like below in order to facilitate finding it. This should be around line 290 of the configuration file.
  3. Next we're going to open clients.conf and add a new client with the address of our router and a secret phase (this can be anything). Below is the client I added to the configuration file.
  4. Create a log file named freeradius-server-wpe.log under the /usr/local/var/log/radius/ directory. This log file will store any credentials we capture during the test.
  5. Alright, now for the fun part. Let's configure our router to use WPA2 Enterprise and use the IP address of our Kali VM as the radius server. Enter the secret previously saved within the client.config file. I've included a screenshot of how my router settings looked like below. Note that the router's SSID is set to "eviltwin_test", attackers will usually set this to whatever SSID they are trying to spoof.

We are all set! Let's start up the radius server with the radiusd -X command and let's test it out. I will be using my phone to authenticate to the evil twin....annnnnddd success!! It worked!! Here are some screenshots on what the radius server should be outputting as well as the logfile containing the username and password I just entered.

A quick note. Not all clients who authenticate to the radius server will succeed. Additionally, not all passwords will be in clear-text, in fact most of the time hashes are the ones obtained.

Hope you guys learned something new. Remember this is an old school technique that can be used to learn or as a Plan B. Before you go check out how to prevent this from happening in your environment with some mitigation tips below.

Go Mitigation!

The example above depicts how to successfully spoof an access point and capture user credentials. An attacker can use these credentials to infiltrate a network and possibly obtain sensitive information. This is bad news for any environment. Let's explore some ways to protect against this attack:
  • Ensure your environment is using a secure protocol such as EAP-TLS
  • Implement client side certificates for authentication and validate those certificates
  • Do not self-sign certificates
  • Implement a Security Awareness program for employees

Additional Reading

For more detailed information on evil twin attacks and recommendations check out the following:

Installing MinGW (gcc, g++) on Kali Linux to Compile Windows Code

Wednesday, March 5, 2014

It is possible to compile windows code natively in Backtrack and Kali using MinGW compiler and Wine. While MinGW comes already installed and configured for users in Backtrack, it does not in Kali.

Let's go over how to install and configure MinGW for Kali and how to use it to compile windows code, but first some quick definitions.

What is Wine?

Wine allows windows applications to be run on several platforms such as Linux, Mac OS X and more.

What is MinGW?

MinGW is a collection of windows development tools including compilers such as GCC and G++. Using both MiniGW and Wine it is possible to compile windows code thus creating a portable executable (pe) which can be later run with wine.

Installing MinGW on Kali Linux

As previously mentioned, MinGW does not come installed on Kali by default. Thus one does not have access to important tools and compilers such as gcc. Let's install and configure it.

  1. Download the MinGW installer from their sourceforge.
  2. Run the installer (mingw-get-setup.exe) with wine.

  3. Select the Install with GUI option.
  4. The MinGW installation manager should now be open. Select mingw32-base.

  5. Select Installation > Update Catalogue on the top left hand corner.

  6. Some missing DLLs will need to be downloaded, download them here
  7. Unzip them and move them to the wine drive_c/windows folder.

Excellent, we now have Mingw installed! You can confirm this by visiting the /root/.wine/drive_c/MinGW directory. You should also have gcc installed under /root/.wine/drive_c/MinGW/bin/gcc.exe.

Compiling Windows Code in Kali and Backtrack

With MinGW installed all we have to do now is use gcc to compile our c code. Below is an example of usage. The example below assumes the user is inside the /root/.wine/drive_c/MinGW/bin directory.

There we have it! Go Compile!