Sunday, 17 December 2017

Basics of Blockchain, Bitcoin, Cryptocurrency, Mining. Security in Blockchain and possible attacks against Blockchain? Use of Blockchain in Real life?



·       Blockchain

What is Blockchain?

Definitionà  Blockchain is a consensus based secure Decentralized Public Database which stores information in the form of Transaction (immutably) over peer-to-peer network.
*Highly Secure - more secure than traditional storage.
*Data gets recorded via Consensus based Algorithms.

Real life example of Blockchain

*Bank account statement or a large size book.
Imagine it as a book, where
Book = Blockchain, Page = Block, an entry in page = blockchain transaction
*In Blockchain each block is built on top of the recent block and use its previous block’s content/signature + Nonce (random string).

Real life usage of Blockchain

*Blockchain can be used when you want to store something immutably. When things keep adding but older one does not change. For e.g. Health Records, Court Judgments etc.
*When decentralize control needed for e.g. User identity management system.


·       Bitcoin

*Bitcoin is the cryptocurrency built on top of Blockchain technology.
*Bitcoin remove the dependency on trusted third party to execute the transaction (this is the nature of a blockchain).
*Transaction gets executed by peers based on consensus based algorithm & recorded in the Blocks by the miners.


·        Mining

*Is the process to solve a very complex computation problem to identify that next block in the Blockchain. (in simple words "Miners identify and adds the next block to the existing Blockchain." or "Mining is the process of recording the transactions as a block into the Blockchain of that currency.")
*It takes time and computational power (distributed globally) to add a Block in the Blockchain. Hence there is a reward (12.5 BTC in case of Bitcoin Blockchain, 5 ETH in Ethereum)

What exactly the miners do?

*They identify a random number through which they can create the digest of the next block in such a way that the new digest is less that the most recent digest and this is very difficult to identify. (They do so many hit and trial and most of the time 100% CPU gets utilized in this process, that’s why they need very powerful CPU's.)

·        Consensus Algorithm

*Consensus Algorithm is some set of rules to avoid conflicts. In more formal way "Computation methodology of resolving conflicts in Blockchain."

·        Blockchain: a brief summary

*It is decentralized data structure where data is being stored inside blocks in the form of transactions.
*In Public Blockchains more complex algorithms are required to avoid malicious activities. (because each block is built on top of the previous Block, the immutability has been achieved.)
*Every participant of the Blockchain contains same copy of the Blockchain.


Security in Blockchain and Cryptocurrency

*In public Blockchain it is made computationally difficult to add a block to prevent attacks against it.
*Nodes follow “Longest chain rule” (to avoid conflicts and to make it more secure).
*For e.g. a chain currently have 100 Blocks and node 23 decides to alter the Block number 23. Changes will be made locally at that computer and all the node after 23 will be invalid at that computer.
*Broadcasting that node will not help because other nodes are following longest chain rule and will reject the smaller chain 0-23, and will chose 0-100.

What if the attacker creates remaining blocks from 24 till 101 and make everyone accept that fake chain?

*In public Blockchain networks it is computationally very very expensive and time consuming to create a Block. In case you want to fake that you should be having thousands of super computers and tons of money.
*There are many honest nodes in the network and faking a transaction will not help, as it will be rejected by honest nodes.
*Now let’s say even if you can afford to fake a block, the new block will have no effect as the transaction in that fake block will be rejected by other honest blocks in upcoming Blocks.


Possible Attack against the public Blockchain

·        51% Attack

*If an attacker can contribute the majority (51% or more) of the network’s mining hashrate, then the attacker would have power to manipulate the public ledger. (Often considered a very large Flaw in public Blockchain)
*It is theoretically possible because Blockchain is publically open, but it will be a very very costly attack.

·        Eclipse Attack

*If the attacker can place a node in such a way that it cannot talk to other nodes in the network, in that case less %tage owner of network hashrate can launch the attack.
*Let’s say there are (03) three nodes with 40%, 30% and 30% network hashrate power. If the node 2 is placed in such a way that it cannot talk to node 1 and node 3 can control the Blockchain’s public ledger.

Monday, 27 November 2017

Every time a user is requesting for password change using "Forgot Password" link, Facebook is generating same OTP.

Recently I observed that the same OTP is emailed to Me every time I request for password change using "Forgot Password" link.

The OTP is only getting changed if it is used.


Attack Vector'sà


·        Brute-force AttackThough the risk level of this issue is low, still an attacker has an advantage if he will try to brute force the OTP (he can try different OTP's 15-20 times a day for many days)

·         Social Engineering- Attacker can try to get access to the victim’s email account to get the OTP.

This issue also can be exploited in combination with other flaws.


As per Facebook this attack scenario is not feasible.


Saturday, 2 September 2017

Logical Bug in Paytm – They are not considering Gmail way of working. I recharged phone with approx. 3000₹ by paying just 600₹. 😊 (The irony is Paytm says this is an intended functionality)

                                      


·        You may be knowing that Google consider example@gmail.com, e.xample@gmail.com, ex.ample@gmail.com, ………..  and so on as single and same email ID. And Paytm consider them different.

·        Few months back Paytm was offering Three 50₹ recharge with Three 10₹ coupon to each of its new user from Grabon.

·        Paytm was considering us as the genuine user if you have either verified mobile no. or verified email ID (not both).

·        Pyatm was allowing us to recharge same mobile number (n number of times) from different Paytm accounts for this offer as well.

What I did?

·        I bought three coupons from Grabon for 30₹.

·        Recharged mobile no. by 150₹ (50₹ each coupon).

·        Then registered few more accounts on Paytm with same email ID (by placing “.” at different places in the username) and random mobile no.

·        This time I bought 57 more coupons for 570₹ from Grabon, and recharged mobile with 2850₹.

I reported this Issue to Paytm, and I agree this is not a security issue but this can be considered as a logical bug. But I totally disagree with Paytm’s argument. (either I was not able to explain to them, or they were not able to understand.) 😬


Here is my conversation with Paytmà







🤔🤔h   How it can be an intended functionality? 

------------------------------------Updated--------------------------------

They were saying that “this is an intended functionality”, but now they have mitigated this issue and asking to verify phone number, now email id is optional.


Why they have mitigated this? if this is an intended functionality.

Thursday, 24 August 2017

Bug in Amazon.in – Allowed me to buy a 12000 ₹ phone at 6594 ₹ only. 😊


Recently I thought of buying a new phone and my budget was around 10K – 15K ₹. I searched Amazon, Flipkart and many other ecommerce websites for a good deal. As you all know now-a-days for most of the phones we are getting exchange offers, for e.g. If you are having an old phone and want to buy a new phone, if you return your old phone to them, you will get some discount and the discount is varying based on your old phone model.

I thought of testing amazon for any loop hole in the implementation of exchange offer’s logic. After sending few request’s I have observed something interesting (one hidden parameter which I was getting in the server response), I was not able to understand it’s use and logic behind its implementation and then I thought of playing with this and I got something interesting it was showing me almost half price of its actual price.

Then I tried this with few other phones and observed that Amazon.in allowing me to buy phones without exchanging any phone with the maximum discount they are offering on phones with exchange offer to others. Then I thought of buying any Low-priced phone to test this and placed an order for Lenovo Z2 Plus, 4GB DDR4 Ram, 64 GB internal storage variant at 6594 ₹ only, which they are selling at 11999 ₹. 😊
  
I reported this to Amazon and they fixed it.


Monday, 21 August 2017

What is Tails? How Tails is different from Tor? Benefits of using Tails over Tor?

What is Tails?


In Simple words- “Tails is a Debian GNU/Linux based free Operating System” designed to be used from a USB Stick or a DVD, that aims to preserve your privacy and anonymity. 

Basically, Tails relies on Tor networkà


·        All the software’s on Tails OS are configured to connect to the Internet through Tor.
·        It will automatically block’s the connection if an application tries to connect to the Internet directly.
·        Because Tor is and distributed network that’s why it helps us defend against traffic analysis from somebody watching your Internet connection. But Nation State Actors like Govt. Security Agencies still can compromise your Anonymity by many ways i.e. Malware, DNS Leakage, Tor Traffic Analysis. 

Attacks vectors of Torà

·   Malware- Even if you use Tor to go to the Internet, the Security Agencies can compromise the Tor web server, Tor services (Tor based website’s) and when you go to these servers you can easily download Malware that will infect your computer with some kind of spyware, and the idea is when you are doing whatever you do on Tor network, this spyware is logging that data locally and then what happens is, when you drop of the Tor network it will then beacon that information with those Agencies and say exactly who you are and where you have been.
"Security is not only about encryption and hiding IP address but it is also about preventing software from installing on your computer."

·      DNS Leakage-  When using a privacy service like Tor, it is important that all the traffic originating from your computer is routed through the anonymity network. If any traffic leaks outside of the secure connection to the network, any adversary monitoring your traffic will be able to log your activity.

By default, your computer uses your ISP’s DNS to resolve IP Addresses, so make sure using SOCKS proxy option in Firefox or use full Tor bundle which uses this option by default.

Some of the ISP’s are now using “Transparent DNS Proxies”, using this technology they can force you to use their DNS service even if you have configured your DNS settings to use OpenDNS, Google DNS services.

Adrian Crenshaw talks about "how people got caught using Tor" at DEFCON 22



Benefits of using Live CD such as Tailsà They can pre-configure your Operating Systems so that there is no Leakage i.e. DNS Leakage and it spoofs (keeps changing) your IP address and MAC address.     


And the most important thing is- you should not be using Tails OS on any Virtual Machine software. Because either your host OS or your VM software can monitor what you are doing in Tails OS.

But still your Anonymity is not guranteed from “Nation State Actors”, if these agencies can compromise enough node on Tor network, then they can compromise both your entrance node and exit node. And then they can do MITM attack on your exit node to see all the data that’s getting pulled, and if they can also control enough nodes, then they can match the data flow i.e. what’s going to the exit node and what’s coming out of the entrance node, Then they can say that this entrance and exit node corresponds and they know that the IP address connected to the entrance node is here, so then they can match that IP address to the entrance and exit node and now they can see all the data going back and forth. 

Thursday, 1 June 2017

Difference Between The Internet, The Web, The Deep Web, and The Dark Web

To discuss these things and figure out the Difference Between The Internet, The Web, The Deep Web, and The Dark Web, we will start with basics of Internet and Web. Because most people confuse between the deep web and the dark web and how they’re different.


Internet: The internet is the physical connection of all the computers that are joined together across the world, it started off with ARPANET in the late 60s which was research agencies getting together to connect their computers from a long distance and this is when computers were huge things in massive rooms and then that graduated to the NSFNET, which was the National Science Foundation net which was all the universities connecting together into a, kind of bigger network and in the start of the 90s it became the internet, where they connected more broadly to commercial networks as well as research networks.

Web: The web is the software that runs on the physical internet, that is a way of sharing information across all those different computers. The web is just one type of software on the internet other types of software include email exchange (SMTP), file transfer protocols (FTP), where we can send files to other computers, so it’s just a type of software that runs on the physical internet.


How do you view the web?

We have web browsers like Chrome, Safari and Firefox and they just know how to talk to the web to ask for pages and to get things. There’s two key bits of the web which make it work, the first one is URLs- Uniform Resource Locators and the second one is an HTTP Server (Hypertext Transfer Protocol Server) or a Web Server and this server runs on those physical computers that stores information in the form of pages and data and they send it to the person who is looking for this using URLs.

Deep Web: This is a part of web we are not allowed to see or google is not allowed to see or can’t find or hasn’t found, in easiest way we can say Deep Web is a huge portion of the web which google doesn’t have access.


Secrets of The Deep Dark Web:

There are four examples that makes Deep Web different from the Webà

·         Any place that we go we must type in the passwords (stuff behind passwords) kind of Bank Information, profile pages on Amazon etc. but the main page of Facebook and Amazon are on the surface web that the google can see.
·         Dynamic Content: Content which gets generated based on what you do or where you are i.e. Facebook feed which is always changing.
·         Robot Exclusion Standard: Most website have a file which is robots.txt on the server and that says to google or other search engines, you can look at those pages but don’t look at these pages and Google simply just doesn’t index them.
·         Nobody’s Ever Link:  It has never been found as this google spiders have never followed a link to find it. (95% of the web is Deep Web)

Dark Web: Dark Web is just the web but built differently and there are several dark webs, they sit on the internet and overlay the same internet like the web does. They just talk different languages, they have secret handshakes and they encrypt things in different ways. A good example of a Dark Web is Tor which is the “Onion” - where you go to .onion pages rather than .com pages, it’s just different language, different codes and the way you asked for a page is differently so ever. Other examples of Dark Web are .rdos, .lll, .clos etc.


·         It protects you and anonymity by encrypting everything and lots of layers sending in an unusual route.

DEFCON Hacking Conference - Held Annually in Las Vegas


DEFCON was founded by Jeff Moss is 1993 as a farewell party for his friend, member of “Platinum Net” and fellow hacker. DEFCON term comes from movie WarGames, referencing the US Armed Forces DEFense readiness CONdition.

DEFCON 25 is a four-day event being held at Caesars Palace in Las Vegas, USA from 27th July to 30th July 2017.



DEFCON 25 Fee: $260.00 USD, Cash for all four days. Everyone have to pay the same fee (Cash) including the government, media, ‘well known hackers’, and the unknown script kiddies. Goons and speakers only will get discount for DEFCON 25, and Only Cash will be accepted.

Age Limit for DEFCON 25: There are no age limits but you must be 18 years of age or older to book hotel room and check-in. A valid ID prof will be required upon check-in. and there will be 21 or older rule for certain “private” parties with bouncers at the doors checking IDs. Generally, this rule will be applicable for all areas where alcohol is being served. Presentations are open for all ages but in some contests, may have age restrictions for competition due to laws.


Black Badge: To the contest winners of certain events Black Badge is the highest award DEFCON gives. Sometimes Capture the flag (CTF) and Hacker Jeopardy winners earn these but mostly varies from year to year.
Best hacks at the conference receives a Black Badge that allows lifetime free entry to DEFCON.



List of Black Badge Holder’s:

CONFERENCE
COMPETITION
WINNER
DEFCON 8
Hacker Jeopardy
Izaac
DEFCON 9
Hacker Jeopardy
Izaac
DEFCON 10
Cannonball Run
Capture the Flag
Hacker Jeopardy
Scavenger Hunt
Slogan Contest
War Drive
Evel Matt
Digirev
Detroit Crew
Team Exodus
Neal Krawetz
Wireless Con
DEFCON 11
Capture the Flag
Hacker Jeopardy
Robot Warz
Scavenger Hunt
War Driving
WiFi Shootout
WiFi Showdown
Team Anomaly
Condor, Blueboar
Kallahar
Team: Elitist Cunts
Arkasha, Bobzilla, Mentat
Slink
Pukingmonkey
DEFCON 12
Artwork (Red Bull Can)
Cannonball Run
Capture the Flag
Coffee Wars
Lock Picking (Obstacle Contest)
Lock Picking (Speed Contest)
Robot Wars
Scavenger Hunt
TCP/IP Embedded Device
The Leetest Link
T-shirt Contest
WiFi Contest: Fox and Hound
WiFi Shootout
Effffn
Matt
Sk3wl 0f r00t, led by Chris Eagle
Hook
Qmark
Lemon Jello
Team Irvine
Poor Social Engineers
1o57
Vicky
JesseK
Renderman and Deviant Ollam
P.O.D.
DEFCON 13
Cannonball Run
Capture the Flag
Hacker Jeopardy
Program Cover Photo
Robot Warz
Scavenger Hunt
WarDrive
Gizm0
Shellphish
Jennifer Bennett, JMK
John D
Team Florida
Timmy Needs a Liver
Preset Kill Limit
DEFCON 14
Capture the Flag
Hacker Jeopardy
Lock Picking (Speed)
DEF CON Robot Contest
Scavenger Hunt
l@stplace
NYMPHS
Omicron
Team Octopi
Vegas 2.0
DEFCON 15
Capture the Flag
DEF CON Robot Contest
Hacker Jeopardy
Mystery Challenge
l@stplace
Team Octopi
Kumquat
Grifter
DEFCON 16
Capture the Flag
DEF CON Bots
Hacker Jeopardy
Mystery Challenge
Open CTF
sk3wl0fr00t
Team Yozhik
NYMPHS
Grifter, Bunni
Team V&
DEFCON 17
Badge Hacking Contest
Capture the Flag
Gringo Warrior
Hacker Jeopardy
HFC
Mystery Challenge
Open CTF
Zoz
Team VedaGods
Nuclear Steve
Team Nicehat
HDM
Grifter
Team Quail
DEFCON 18
Badge Hacking Contest
Capture the Flag
Gringo Warrior
Hacker Jeopardy
Mystery Challenge
Social Engineering CTF
IPSIN
ACME Pharm
Nuclear Steve
Daniel Pops
Krux
Phat32
DEFCON 19
The Badge
Capture the Flag
Gringo Warrior
Social Engineering CTF
designed by 1o57
European Nopsled Team
Dr. Tran
Amoeba Wonderwall
DEFCON 20
The Badge
Black Bag
Badge Challenge
Badge Hacking
Bro CTF
Capture the Flag
Capture the Packet
Crash and Compile
Mystery Challenge
Scavenger Hunt
Services Rendered (Contributor)
Services Rendered: (CTF Organizing)
Services Rendered (Goon)
Social Engineering CTF
Tamper Evident
designed by 1o57
Ray
MLF
Mailglare
Team Virgins
Samurai
Team Strawberries
Team Nullstring
Psychoholics
Re-engineering Sex Toys
Winn Schwartau
DDTEK
Lockheed, Heather
Shane
Motherfucking Professionals
DEFCON 21
The Badge
Badge Challenge
Badge Crypto Challenge
Badge Hacking
Capture the Flag
Capture the Packet
Hacker Jeopardy
Hacker Pyramid
Services Rendered as Goons
Social Engineering CTF
designed by 1o57
Team MLF
Decrement, Jabroni
Llama Princess
Plaid Parliament of Pwning
CCSF_HACKERS
phreck, DocWho
Zoz, Lintile
Noid, Lunaslide, Londo, Zac
Lilly
DEFCON 22
The Badge
Badge Contest
Black Bag Contest
Capture the Flag
Capture the Packet
DEF CON Darknet Project
Lockpicking
1o57 Badge Hacking
Open CTF
Social Engineering CTF
designed by 1o57
MLF
Sec
Plaid Parliament of Pwning
Umi
Silk
Skynet, Big Ezy
Beeker
Team Neg9
sn0ww, amidda
DEFCON 23
The Badge
Badge Challenge
Capture the Flag
Crash and Compile
Hack Fortress
OpenCTF
Scavenger Hunt
Social Engineering CTF
Warl0ck gam3z
designed by 1o57
Council of Nine
DEFKOR
Volatile Consts
Team !rdy4this
0x8F
A Glen Greenwald Santorum
Jen F.
ggulfunny
DEFCON 24
The Badge
Badge Challenge
Capture the Flag
SoHopelessly Broken (IoTCTF)
Capture the Packet
The DEF CON Darknet Project
Wireless CTF
Social Engineering CTF
Car Hacking CTF
CGC
designed by 1o57
Council of Nine
Plaid Parliament of Pwning (PPP)
CYDY
Mon
ohaithear
dEM
Chris S.
compukidmike
apr
DEFCON 25
Coming Soon!!!
Coming Soon!!!


Basics of Blockchain, Bitcoin, Cryptocurrency, Mining. Security in Blockchain and possible attacks against Blockchain? Use of Blockchain in Real life?

·        Blockchain What is Blockchain? Definition à   Blockchain is a consensus based secure Decentralized Public Database ...