Information leakage analysis in block ciphers – Part 2

Cryptology attacks on CBC mode of operation In the first part we talked about block ciphers and their mode of operation. In this part we want to explain more about how an adversary will misuse this mode of operation and perform some successful attacks on cryptographic system, like decrypting a cipher-text without knowing the cryptographic keys. […]

Information leakage analysis in block ciphers – Part 1

Overview of block ciphers Block ciphers are cryptographic functions for blocks of data of fixed-size, as opposed to stream ciphers (take as an example the classic RC4) that can be used over a stream of data of any length. Block ciphers can work on different data blocks sizes and they can take as input keys of different […]

Inside a Kippo honeypot: how the billgates botnet spreads

A few months ago I decided to install a honeypot to find some new threat and to collect some new malware to be analyzed. There are several honeypot I had in mind to try, but for now I have chosen Kippo. From the Kippo’s homepage: “Kippo is a medium interaction SSH honeypot designed to log brute […]

Kaspersky Hooking Engine Analysis

In this article we will talk about a few hooking techniques used by antivirus software. For the purpose of this analysis the antivirus chosen will be Kaspersky (http://www.kaspersky.com/it/trials PURE 3.0 Total Security), we will deal with various hooking techniques used both at user and kernel mode. The reference operating system will be Windows 7 Professional 32-bit. The image below shows […]

Win32.BlackBerryBBC Malware Analysis

Today I got a mail containing a malware from security@bbc.co.uk. The sender’s address is forged and this is kind of Email Spoofing. Email contains a description about malwares and encourages the receiver to install a file called Anti-Vir.rar.

New Java 0-day Exploit in the Wild – Update 4

According to Kafeine Security a new exploit for Java 7 is in the wild. Not surprisingly this new exploit, announced yesterday on the underweb, comes right after the BlackHole crew announced that their team has been given a budget of 100.000$ to acquire unique web browser exploits. Currently the exploit has been reported to work up […]

How To Attack a WEP/WPA Protected Wireless Network

Updated on Jan/2013: Added WPS section Any help in completing this document is welcome, thanks! In this guide we’ll try to discuss the many vulnerabilities affecting the WEP and WPA protocols. We’ll also show you some techniques that can be used to break these protection schemes. Feel free to add any missing questions. Thanks 🙂 Greetings: […]