When PwnedList Gets Pwned !

Featured

Why pwnedlist is not a good idea !

PwnedList Logo

[+] Intro:

PwnedList.com until recently was a free online service providing anyone the ability to check whether his/her email and password were included in major data leaks [2]. The company was scanning the internet for database dumps which were illegally disclosed by hackers.

[+] Why PwnedList is not a good idea:

– Brining collective data from the deep web to the surface of the internet it might not be the best idea. Information that was available only to few. Especially when this information when none can gurantee their safety. Creating a real and approachable target for all black hat hackers out in there.
Single point of failure. If Pwnedlist is infiltrated by criminals. I would like to stress that Pwnedlist keeps hashes of your password while they could simply keep a list of emails only. Meaning that if they get hacked by a sophisticated threat
Security is Not Bulletproof. As with all cases, dedicate enough resources and you new atramck vectors will come up. Hodges (@NanoBob) a security researcher discovered a vulnerability that allowed him to register any domain name. By exploiting it he was able to pull more than 100k apple email addresses and password from the site.

Last but not least. Recently the leaked data from 2012 LinkedIn hack created a buzz and everyone jumped on the site to see if the were hacked.
I was always told you should point the elephant in the room. Did you have an LinkedIn account in 2012?
LinkedIn Security Team applied some precautions to limit the impact of the leak. All user accounts affected were forced to password reset.
Nevertheless it’s good practice to yse different passwords for different services and regularly change your password to

– linkeind. it recently got a buzz around.

[+] The Rise and Fall:

On the 16th of May 2016, InfoArmor decommissioned the popular online service PwnedList.com without giving the reasons behind their decision. The company will continue to provide commercial protection to its customers however that option will no longer available to the public.

PwnedList.com Announcement

[+]Sources:

[1] https://pwnedlist.com/

[2] “LinkedIn Lost 167 Million Account Credentials in Data Breach”, Forune, https://fortune.com/2016/05/18/linkedin-data-breach-email-password/

WhatsApp – Simple Hack (Verifying your phone number in WhatsApp)

Featured

While I was travelling outside UK and I was force to use a second cell phone, thus in order to use my what’app application I had to re-authenticate with What’App server. Instead of switching back and forth sim cards which I thought it was a bit of hassle (feeling a bit lazy), I was curious to discover to test the What’App verification process and how robust it was. I tried to find a quick way to hack through the automatic validation of my phone number and the current device using it.

How the verification process works?

Since your mobile number is used as a unique identifier (eg. username) for using the service, it is most preferable to keep the same number for your friends and acquaintances to contact you.

Photo : REUTERS/Dado Ruvic

Photo : REUTERS/Dado Ruvic

 

It simply works by sending an sms message with a 6-digit temporary code on the user’s cellphone in the following form: “WhatsApp Code 123-456”

The process is automated which actually means the android application does not allow the user to enter the code manually but it detects it as it arrives in your inbox.

Continue reading

Privacy Leaks from Wi-Fi Probing

Featured

In a modern era where smartphone use has exponentially increased, we investigate the amount of private information an adversary can extract by looking at the active service discover in Wifi where a wireless station broadcasts the list of its preferred wireless networks, without user’s consent or knowledge. This report describes a range of different techniques which violate users’ privacy by using Wi-Fi fingerprints emitted from devices. One of the main points of the report include the relationship discovery that was first implemented by Cunche, et al and explains how to infer relationships between users through their SSIDs sets. Other attacks can be mounted that will reveal not only a social link between users but the actual path that a device follows in real time.

Wi-Fi Probing Diagram

Figure 1.0 – Wireshark was used to capture the probing requests that include MAC addresses and SSIDs in plain text.

During the last decade the number of portable Wi-Fi devices such as smartphones, tablets, and notebooks have increased dramatically. Nowadays, the majority of users constantly carry their mobile devices with them not only at workplace but also at home. For this reasons, it has become the most preferable way to provide internet access for medium range connectivity.In this regard many recent scientific papers have investigated how much information can be obtained from user interaction with a Wi-Fi network. Particularly observing the fields that are transmitted in plaintext such as probe requests In order to connect to the network a mobile phone is sending the probes requests that contain the SSID name of previously associated networks. This mode is called Active Discovery Mode (ADM). Wi-Fi supports encryption and authentication standards (e.g. WPA2) to ensure that the transmitted data between a client and an Access Point are safe from eavesdroppers.

However, before we reach the phase of credentials exchanging there is the phase of Network Discovery where a Wi-Fi enabled client discovers and contacts the AP for the first time. In this phase there are several messages exchanged between the two parties (e.g. network discovery probe requests) that are transmitted necessarily in plaintext. These packets (also called frames) include in their headers, among others, the Media Access Control (MAC) address of the Wi-Fi enabled device. This address serves as a unique identifier for the said device. Based on this two features: unique identifier MAC and probes it seems feasible to identify users with a high probability.This fact enables the identification of a user by its device’s MAC address. Practically, the device serves as an interface to reach the user behind and the MAC address of the device becomes as a nickname of the user.

As a result, the user becomes vulnerable to what we would call fingerprinting attacks. Fingerprinting is called “the process by which a device, it’s driver or the OS a machine is running can be uniquely identified by its externally observable characteristics”. Therefore an adversary can extract information about someone previous history location or even track him down in small proximity.

The reports outlines the most important attacks including the following :

  1. Infer Social Link
    1. Location proximity
    2. Spatio-temporal co-occurrence probability
  2. Wi-Fi Tracking 
    1. Stalker Attack
    2. Beacon Replay Attack
  3. Estimating Smartphone Trajectories

* If you would like to read the full report please click here : Privacy Leaks from Wi-Fi Probing

For this project the following information security students contributed :

  • Pejman Najafi
  • Andreas Georgiou
  • Dina Shachneva
  • Ioannis Vlavianos

 

Are TV ratings possible with Twitter? – tweetTV

This project explains the creation and the use of tweetTV, a system that collects and analyses tweets from the micro blogging site Twitter, with the aim of comparing them with TV ratings in order to identify meaningful relationships.

tweetTV v1.2 Screenshot
tweetTV Software v1.2 Screenshot

Using tweetTV, Twitter text messages were collected, processed and then classified, by applying some data mining techniques. By isolating tweets that referred to three specific popular TV shows, a significant number of tweets was analysed and compared with TV ratings available from the British Audience Research Board (BARB). Furthermore, sentiment analysis was implemented to investigate the temporal variability of positive, negative and informational tweets in conjunction with TV ratings and whether the awareness of tweet’s attitude could enhance the accuracy of the system.

The running of tweetTV was successful in collecting sufficient amount of tweets to carry out the analyses required, which included qualitative and quantitative comparisons. A strong correlation was found between the number of tweets and the number of viewers, confirming the existence of a link between the two values that could be promising in accurately estimating TV ratings by only using Twitter. The small numbers of tweets collected for one show revealed a potential limitation of linking Twitter to some types of TV shows with relative explanations being discussed. The use of sentiment analysis also proved to be useful in identifying trends related to TV shows such as a periodicity of positive tweets during the days prior to the show. This suggested that sentiment analysis
could be used to improve the accuracy of tweetTV by weighting people’s opinions before the shows and projecting estimations.

Overall, the performance of tweetTV was successful in collecting and filtering tweets and in conjunction with sentiment analysis; it has the potential to work as a real-time application that will provide TV ratings.

Click here to read my full thesis: “Are TV ratings possible with Twitter? (2013)”

 

 

Walking The Silk Road

** An Insight to Silk Road – For Educational Purposes Only **

Imagine if there was a site like ebay where users could buy and sell Cocaine, Ecstasy  LSD and other illegal substances. That is not possible right  ? I guess that was the simplest explanation I could give to describe Silk Road an online black market. 

[Update 09/12/2013] : Almost one week after this article was released, Silk Road has been seized after FBI arrested the owner of Silk Road, Mr. Ross Ulbricht aka “Dread Pirate Roberts”. Following that, “Atlantis” black market has closed. If the arrest of Dread Pirate Roberts was due to a security weakness in TOR networks or human error, is something that we will have to wait to find out.

Continue reading

UoB Hellenic Society Project

ubhs

 Domain : www.UBHS.org.uk

Launched : January 2013

Description :

University of Bristol Hellenic Society is a Greek & Cypriot community of students in Bristol. The website was developed to provide a portal for communucationg and sharing the news and events of our society. Among our priorities was to boost the number of memberships through the creation of a facebook page.

Technical Details :

  • Platform : Wordpress 3.2

 Other Features :

CyprusPbGuide.com Project

CypruPbGuide.com Screenshot

Domain : www.CyprusPbGuide.com

Launched : September 2007

Description :

An online portal designed to bring together all Cypriot Paintball Players both amateur and professional. It served for three year as a guide for paintball lovers providing latest news about local and international tournaments and events. Additional services like “Field Finder”, Forums and Marker Reviews and Interviews were launched to attract more people in Cyprus Paintball society. Finally in 2010 the project came to an end, we stopped updating the site and agreed to keep the site as an archive of interviews, articles and videos.

Technical Details :

  • Platform : Joomla 1.5

Alphasphere iOS

App Description :

The AlphaSphere IOS app uses an edit function to take sounds and loops from the iPhone’s memory and map them to one of the AlphaSphere’s 48 pads. These loops can also be edited to change the play style, volume, pan and channel selection. The project can be saved into memory and loaded again at another time to edit.

alphasphere

 

On the left the iOS Application developed during the project and on the right the 
AlphaLive v.0.1, software developed by “nu design”.

As a standalone application the app uses a play function which is laid out similarly to the edit functionality. The onscreen pads can then be used to emulate those of the AlphaSphere, allowing the user to test their projects without needing access to the AlphaSphere hardware. This means that musicians can test, practise and compose music from any of their AlphaSphere projects on their IOS device

Alphasphere :

The AlphaSphere is a revolutionary electronic musical instrument that utilises computer software and the AlphaSphere hardware to allow the user to create and perform digital music in a visually stimulating way. The AlphaSphere is revolutionary in the way live music is presented to an audience or crowd due to the aesthetics of the instrument. A connection is established between hardware and software via an Ethernet cable so that instructions can be sent between them. The AlphaSphere itself is a haptic interface consists of 48 tactile pads that stretch and flex as they alter the dynamic, timbre or another parameter of the sounds played. The responsiveness and range of the interaction with the pads means performers can tailor their every musical requirement to their exact specification, producing a tangible sensation for performer and audience alike.

Alphasphere iOS App :

The AlphaSphere IOS app uses an edit function to take sounds and loops from the iPhone’s memory and map them to one of the AlphaSphere’s 48 pads. These loops can also be edited to change the play style, volume, pan and channel selection. The project can be saved into memory and loaded again at another time to edit.

The AlphaSphere app is designed to work as either a standalone application or alongside the AlphaSphere and while much of the functionality is the same there are some differences in the way that app works when receiving signals from the AlphaSphere.

Nu desine also requested the app to be capable of receiving an Open Sound Control (OSC) message over the network. It was specified that messages would be sent from the AlphaSphere to the IOS device and the message format would be constant (and as follows);

The app is also able to stream in and decode these messages, using the two integer values in real time.

Project Report : Click here to read the full report (pdf version)

Team Members :

  • Thomas Butterworth
  • Li Du
  • Andreas Georgiou
  • Andrew Haslam
  • Robert Jones
  • Vlad Otrocol