Category Archives: Security Theater

Benjamin Delphy on Kekeo, successor to mimikatz. (Video)

BlueHat IL 2019 – Benjamin Delpy (@gentilkiwi) – You (dis)liked mimikatz? Wait for kekeo – YouTube

From the comments: 

“If you enjoyed playing with Kerberos, ASN1, security providers…, then you’ll love adopting this furry, sweet animal. From its birth with MS14-068 to cleartext passwords without local administrator rights, you’ll know everything about this animal. This talk will embed CredSSP and TSSP with cleartext credential, explore a little bit about PKINITMustiness and the RSA-on-the-fly for Kerberos with PKI!”

Mimikatz on Windows Server 2019… nice music.

DoktorCranium is fiddling around with Windows Server 2019 Insider Preview Build 17650 and Mimikatz, a security tool used by hackers e.g. for intruding the German parliament, the Bundestag in 2015/2016 . “Bypassing Windows Defender, Loading meterpreter, and executing the latest Mimikatz just for fun.” Why? Because he can. And Open Source rocks. I still find it hard to believe so many security-sensitive environments still use software from the shelf. And if you like Benjamin Delphy’s work, look at this video about Kekeo:

Windows Server 2019 Insider Preview Metasploit/Mimikatz tests – YouTube 

Applied Crypto Hardening Handbook Update published

Some good friends were involved here, and their work is so much appreciated! 

Applied Crypto Hardening:

“This guide arose out of the need for system administrators to have an updated, solid, well researched and thought-through guide for configuring SSL, PGP, SSH and other cryptographic tools in the post-Snowden age. Triggered by the NSA leaks in the summer of 2013, many system administrators and IT security officers saw the need to strengthen their encryption settings. This guide is specifically written for these system administrators.” Which Key length/cipher to use for a certain period of time

Reality update: Keylength – Compare all Methods … :

This web site implements mathematical formulas and summarizes reports from well-known organizations allowing you to quickly evaluate the minimum security requirements for your system. You can also easily compare all these techniques and find the appropriate key length for your desired level of protection. The lengths provided here are designed to resist mathematic attacks; they do not take algorithmic attacks, hardware flaws, etc. into account.

ECCploit … nice…

… : ecc-rh-paper-eccploit-press-preprint.pdf … :

To address the second challenge, we present ECCploit, a new Rowhammer attack based on composable, data-controlled bit flips and a novel side channel in the ECC memory controller. We show that, while ECC memory does reduce the attack surface for Rowhammer, ECCploit still allows an attacker to mount reliable Rowhammer attacks against vulnerable ECC memory on a variety of systems and configurations.

Thx to Fefe.