The talk covered the new Microsoft Threat Modeling Tool 2014 (a free download), and used the diagramming technique and threat generation as motivation for uncovering and remediating attacks against a sample web application.
Attacks covered Wifi sniffing and interception using Karma and the Wifi Pineapple, XSS via EXIF data embedded in JPEG files, and a couple of other techniques.
The slides for the talk are available here:
2014-ARC307-ProwJackson-HackEdThreatModeling (34mb PDF)
The video recording of the talk is available on Channel9:
https://channel9.msdn.com/Events/TechEd/NewZealand/2014/ARC307
Fun wifi analysis:
There were 261 devices in the Skycity Theatre probing for 485 different wifi networks.
Congratulations to the two folk with 26 stored wifi networks on their phones, you made the record books :)
(Although you might want to disassociate / remove some of those free wifi networks from your phones if you value your privacy)
A little unexpectedly, the probes for wifi networks were very diverse. 149 devices were probing for 'TECHED2014-SC', but there were no other networks in common with more than 7 people.
In comparison, the device sat upon my hotel windowsill while I was downstairs for breakfast this morning. 868 devices went past, probing for 1173 different networks.
| Hotspot | Number of People |
| --- | --- |
| Telecom WiFi | 70 |
| CP Public Wireless | 66 |
| SKYCITY | 66 |
| TECHED2014-SC | 62 |
| Spark WiFi | 34 |
| Auckland WiFi | 17 |
| Callplus Public Hotspot | 15 |
| Airport_Hotspot | 9 |
You can see how profitable it could be to masquerade as one of these access points - something like 8% of devices will automatically join your network!
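As an added example (not code from the talk or this post), here is how captured probe requests can be aggregated into the figures quoted above: distinct probing devices, distinct networks, the per-hotspot device counts, and the share of devices that would auto-join an access point advertising a given name. The MAC addresses and probe records are constructed sample data.

```python
"""Aggregate 802.11 probe requests into the per-SSID device counts shown
in the post: distinct probing devices, distinct SSIDs and how many devices
asked for each network."""
from collections import defaultdict

# Constructed sample: one record per captured probe request, as
# (client MAC, probed SSID). A real capture comes from a monitor-mode
# sniffer; repeats are expected because clients re-probe constantly.
SAMPLE_PROBES = [
    ("aa:bb:cc:00:00:01", "TECHED2014-SC"),
    ("aa:bb:cc:00:00:01", "Telecom WiFi"),
    ("aa:bb:cc:00:00:01", "TECHED2014-SC"),  # repeat probe, same device
    ("aa:bb:cc:00:00:02", "Telecom WiFi"),
    ("aa:bb:cc:00:00:02", "Airport_Hotspot"),
    ("aa:bb:cc:00:00:03", "SKYCITY"),
    ("aa:bb:cc:00:00:03", "Telecom WiFi"),
    ("aa:bb:cc:00:00:04", ""),                # broadcast probe: no SSID named
    ("aa:bb:cc:00:00:05", "TECHED2014-SC"),
]

def summarise_probes(probes):
    """Return (device_count, ssid_count, {ssid: number of devices probing for it}).
    A device counts once per SSID however often it re-probes; empty-SSID
    broadcast probes name no network and are skipped."""
    devices, ssid_devices = set(), defaultdict(set)
    for mac, ssid in probes:
        devices.add(mac.lower())
        if ssid:
            ssid_devices[ssid].add(mac.lower())
    return len(devices), len(ssid_devices), {s: len(d) for s, d in ssid_devices.items()}

def autojoin_share(per_ssid, device_count, ssid):
    """Fraction of observed devices that would try to join an AP advertising
    `ssid` (the post's 'something like 8%' figure: 70 of 868 devices)."""
    return per_ssid.get(ssid, 0) / device_count if device_count else 0.0

def stored_network_counts(probes):
    """Distinct SSIDs each device probed for (the '26 stored networks' check)."""
    per_device = defaultdict(set)
    for mac, ssid in probes:
        if ssid:
            per_device[mac.lower()].add(ssid)
    return {m: len(s) for m, s in per_device.items()}

if __name__ == "__main__":
    n_dev, n_ssid, table = summarise_probes(SAMPLE_PROBES)
    print(f"{n_dev} devices probing for {n_ssid} networks")
    for ssid, n in sorted(table.items(), key=lambda kv: -kv[1]):
        print(f"{ssid:<16} | {n:>3} | {100 * autojoin_share(table, n_dev, ssid):.1f}%")
```

Devices with unusually large stored-network counts are the ones the post suggests should prune old free hotspots, since every name they probe for is a name an impostor access point can answer to.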
While we demonstrated capturing network traffic, we didn't actually capture anyone's network traffic during our demos. You'll have to trust us :)
Kirk
Mean preso guys, as always enjoyed it and learnt heaps.