This Week In Security: SSH, FTP, And Reptar

It’s time to strap on our propeller beanies, because we’re going to talk crypto. The short version is that some SSH handshakes can expose enough information for a third party to obtain the host’s private signing key. That key is the one that confirms you are connecting to the SSH server you think you are, and if the key validation fails, you get a big warning:


The math that makes this warning work is public-private key cryptography. The problem we’re talking about today only shows up in RSA authentication. Specifically those that use the Chinese Remainder Theorem (CRT) to quickly calculate the modulos needed to generate the cryptographic signature. If something goes wrong during that calculation, you end up with a signature that is mathematically related to the secret key in a different way than intended. The important point is that knowing this extra value *significantly* weakens the security of the secret key.

This attack has been known for quite some time, but the research has been aimed at causing the calculation fault through power vaults or even memory attacks like Rowhammer. There has also been progress on using a lattice attack against captured handshakes, to make the attack practical with less known information. The real novel element of this week’s approach (pdf) is that it has been tested against SSH.

The paper’s authors performed weekly scans of the entire IPv4 public network space, capturing the handshake from any listening SSH server, and also had 5 years of historic data to draw from. And the results are mixed. There is a Cisco SSH server string that is extremely common in the dataset, and only once did one of these machines send a miscalculated handshake. Possibly a random ram bit flip to blame. And on the other hand, the string “SSH-2.0-Zyxel SSH server” had so many bad signatures, it suggests a device that *always* sends a miscalculated signature. Continue reading “This Week In Security: SSH, FTP, And Reptar”

PCMCIA Flash Card Gives Up Its Secrets Thanks To Retro Gear

There are two ways to recover data from an obsolete storage medium. One way is to pull out all the tools in the hacker’s kit — with logic analyzers, oscilloscopes, and bit-banged software in a desperate attempt to reverse engineer the original protocol. The other way is to have a really, really deep junk bin that just happens to contain exactly the right pieces that would have been used decades ago.

For recovering data from a 25-year-old PCMCIA memory card, [Dave] from Vintage Apparatus chose the latter method. But to be fair, characterizing the stash of gear he had to select from as a “junk bin” is pretty insulting. It’s more like a museum of retro technology, which just so happened to hold  Toshiba Libretto, a subnotebook computer hailing from the late 1990s. The machine sports a pair of PCMCIA slots and was just the thing to read the data from the old 32 MB SanDisk flash card, which once lived in a backpack-mounted GPS system for surveyors.

If this hack sounds as easy as plugging things into an old computer, you’d be right — if you just happen to have a stack of floppies containing the Windows 98 drivers for said things. So [Dave]’s task became a game of finding the right combination of cards that already had the drivers installed and would provide the connectivity needed to get the data off the flash card. Between a suspiciously crunchy-sounding floppy drive and an Ethernet card dongle badly in need of some contact cleaner, cobbling together the right hardware was a bit of a chore. After that, a lot of the hack was [Dave] just remembering how we used to do things back in the day, with the eventual solution being transferring over the files to an FTP server on a Raspberry Pi.

The video below tells the whole saga, but the real treat might just be the Vintage Apparatus collection of gear. Incidentally, we really like [Dave]’s idea for storing associated bits and bobs.

Continue reading “PCMCIA Flash Card Gives Up Its Secrets Thanks To Retro Gear”

GSM Module Does More Than Advertised

For many projects, a WiFi connection is overkill, too complicated, or too far away to work properly. Even though it’s relatively ubiquitous, sometimes the best choice for getting data to or from the real world is a connection to the cellular network, which can be done with the M590 module for about a dollar each. For that price, lots of people have had the opportunity to explore the module itself, and [marcrbarker] shows some of the extra, unadvertised, features it has.

Acting as a GSM module that can send and receive SMS messages is just the tip of the iceberg for this tiny device which we saw once before for a DIY GPS tracker. With a USB TTL serial data module, a lot more is on the table including answering voice calls and responding with DTMF tones, operate as a dial-up modem, connect with TCP, and even has some FTP capabilities. [marcrbarker] also suggests that it could do “call pranking” where it can send signals without being charged for a call.

There are a lot of details on the project site about all of this newfound functionality, and it reminds us of a time when it was discovered that not only was the ESP8266 a cheap WiFi module, but it could also run custom programs on its own. While the M590 probably can’t do all of that, it does seem to have a lot more locked away than most of us had thought before.

Raid Your Network File Shares

[Motoma] sent in his take on the virtual RAID 5 post. He didn’t like the layered system requirements, so he put together a proof of concept that only requires a Linux box. For his proof, he used a NFS share, a SMB share and did everything from the command line. He didn’t cover FTP, but the Gentoo wiki has a nice cheat sheet for mounting FTP and folders over SSH if you want some alternatives. He uses some very interesting partition tricks to make things happen. If you need some help to get things rolling, the Ubuntu forums software raid how-to is a good place to start.