BsidesLV 2024 - Proving Ground - Tuesday
Show transcript [en]
it's okay I do I'm just TR to give you [Music] something I'm just TR to give something I do I'm just TR to give you something [Music] he w
[Music]
[Music] [Music] I'm just I'm just [Music] something I'm just something I I'm just trying to give you something [Music] n [Music] w
[Music]
[Music] [Music]
a [Music]
[Music]
[Music] [Applause]
oh [Music]
[Music] [Music]
[Applause]
I
[Music] the
[Music] n [Music] oh [Music] oh [Music]
[Music]
[Music] he a
[Music]
[Music]
[Music]
[Music]
[Music] a [Music] [Music] [Music] n [Music]
[Music]
a [Music]
[Music]
[Music] [Applause] [Music] hey hey [Applause] [Music] a [Applause] [Music]
[Music]
he
d
[Music]
[Music] St [Music] hey hey hey [Applause] [Music]
hey hey hey hey hey hey [Applause] [Music] [Music]
he [Music]
[Music]
[Music] [Applause] [Music]
[Music] [Applause] [Music]
[Music] [Music]
[Music] [Applause] [Music] he [Music]
[Music]
oh
[Music] h [Music]
[Music] [Applause] w [Music] [Applause] [Music] I'm just in I'm just dring in [Music] something I'm just I I'm just TR to give you something [Music] m [Music] a [Music] [Applause]
[Music]
[Music] [Music] I'm just I'm just dring in [Music] something I'm just dring in something I do you I'm just trying to give you something he [Music] w
a
[Music]
[Music] [Music]
[Music]
[Music]
[Music] all [Applause]
oh [Music]
[Music] [Music] a [Applause]
he
[Music] oh
[Music] the [Music]
a [Music] oh [Music]
[Music] [Music] [Music] n [Music]
[Music]
[Music]
[Music]
[Music] a [Music] [Music] oh [Music]
[Music]
[Music] w [Music]
[Music] [Applause] [Music] hey hey hey hey hey
[Music] [Applause] [Music] he
[Music]
[Music]
[Music]
[Music] St [Music] hey hey hey hey [Applause] [Music] hey hey hey hey hey [Applause] [Music] [Music]
[Music]
[Music]
[Music] stay for work and you know I used to always like check in 24 hours before the flight I was like damn how come I can't select these front seats like you know like like this is the second like who's beat me to it and then you kind of find out that like things are actually reserved and then you learn a bit more about how the how different airlines and other things have have status and then the clubs and all the all the other fun stuff so I guess that that's what really sort of built my um uh interest and then living overseas I used to fly a lot so having said that what what what is this
talk not so what you often see on um blogs and things like that is these these sort of outlandish things where it's like oh how do I flew the largest you know the largest top flexible price for something first class for like nothing right and what when you end up when you start to read the articles and you get through it you what you find often is it's ah they just got a credit card sign up bonus and here's some miles so in the case of this this article it didn't actually have an affiliate link but a lot of them is I guess affiliate marketing right so anyway and with that I got just a
quick disclaimer um this is obviously ethical security reasons to help help people in those teams uh fight and prevent uh ensure Revenue Integrity so Us in socks uh in in sock teams we often have some extra analytical capability that that does add for things like fraud and and whatnot that I value so similarly just some cits from this talk so I haven't worked in this industry this is just me playing around and my fun you know things I've learned over time just to share with everyone here um so it's not 100% accurate like it's it's just blackbox reverse engineering um so why is the airline industry the way it is essentially it's it's highly regulated um there's
bilateral agreements between between um States and they control how much traffic you can have uh have they have the things called the freedoms of the air there's sort of five known um from International treat like for passenger passenger ones there's generally it's to carry between your home state and and another state but there's also an interesting one called the fifth Freedom where uh it stops over in an intermediary location it can pick up and drop for people so what you actually see so one of the ones a good example of this is the Emirates flight to New York that stops in Milan so the Emirates are able to sell New York to Milan as a segment and divide
Milan to a segment as well as the the straight to New York with a stopper with a um Transit um in terms of um in terms of marketing uh and cheap Affairs you often find that Airlines will charge more for a direct flight and this is because things like business travels Travelers and people's uh just people's preferences and competitive attacks often are against like uh against other competitiv Home ports so you see things like the it might be against London heo by the the sky team Alliance where they'll be pushing people through Paris or or Amsterdam or whatnot right so having said that what is revenue management so re Revenue management is basically they're trying
to extract the most amount of money they can and sweat their assets they they want those Planes full and they want them to the the most amount of money people can you know get out of you um so it's kind of like similar in some ways it's similar to a grocery store with uh perishable Goods except you know people generally have to be somewhere by a time it's rather than you know the broccoli is going to go bad so the things they worry worry about is uh you know like as I said overprotection is these are sort of the more technical terms when you look into it you know leaving it go empty or too many cheap
sheets and it's full and they can't get any more money for it okay so just so now let talk a little bit about how the fair fairing in fairs work this is a little bit of a quick intro but one key point I guess to raise is that especially for international travel or where there's multiple where there's connections and stuff involved it's becomes extremely complex like your Affairs so when you're actually searching you never actually really see a full complete result set because there're sort of CPU limited by like 15 to 30 seconds of CPU time when you reach search and there's often multiple layers of um casing or caching involved um so yeah there's some stats there I think
that's from the APO website there there's 351 million published fairs so a published Fair there'll be many for a particular market and destination so straight from you know you would see be used to seeing things like sale fairs you know flexi whatnot and each of them have different sort of rules and conditions um they they're published on uh you know routing or or Max permitted mileage so example of a routing one is this one here it's a Los Angeles the San Juan um and these are and then I've got the the routing options and layover locations in there that that that's allowed interesting L just because something's published and it's there doesn't mean it doesn't mean
it'll actually work or it's even possible like for instance this one I think there's no I don't think American even has an Austin to sand one direct flight well at least not at the moment so that actually even though it's published and it's there it's kind of useless so similarly with the permitted mileage base some people here who've worked with you know detections in impossible travel whatnot it's it's that um great circle distance uh between the between the different stocks and you have um and often they have it's a little bit comp they add a little bit more allowance for like say for instance in this example they allow an extra extra allowance of mileage for a Transit
stopover in Chicago where otherwise it wouldn't meet the the maximum distance So speaking about in terms of those fairs there's actually quite a lot of different conditions to take to take um to consider so these are some of the more pertinent ones for I guess us to to look into that can cause issues um one of the things that I often hear people say is oh they put the price of the flight up and I sort of cter with like you know maybe there was uh Advanced purchase restrictions or things like that in place so often You' some of the discount ones they'll be like 14 28 90-day Advanced purchase and what that means is that um yeah the day that you
know when you fly have it has to be bought you know that many days beforehand so if you just push the the the date out to the next day you can still see maybe that that the departure date you can you might be able to still access that fair um so how it sort of works this is sort of my understanding of it all um I guess the key the key thing the key point I kind of want to make is that um you're uh just having a reservation in a system is different from the e tiet there's two separate parts and you need that EET to be created and and valid to actually fly so that's the actual coupon
that you redeemed when you you know get your boarding pass and board the flight um so yeah this SS and GDs systems you often hear people talk might might hear people talk about amadas or saber they're kind of the big leaders in the market and one other little interesting thing is you can often pull up so this was uh this relates to this particular ticket here um which is a more complex katar ticket that had like five different carriers on it so you can see that all these other airlines uh Kath quis katar all use the amadea system but there's a different record locator for the synced record in saber for American um and so the other picture
I have here just talks about the fact that you need that valid e tiet to be able to actually check in for the flight so that that's a valid reservation but it's missing the it's not ticketed yet um so how does it all work with with money and and you know I just by the fof one and I've this I have this International one with multiple segments of different airlines involved and simplified it it's kind of just looks like this right so there's a thing called the validating carrier um a marketing carrier and your operating carrier so your validating carrier is the the one that you know issues is issuing the ticket that's it's called
like on their stock it's called yeah um and that's who you're buying it from generally It's usually the first like uh International or Long Haul segment the other ones your marketing carrier is the the flight number It's usually the same as the one that's operating the plane but but sometimes you might have heard a thing called a code share where like you might actually be like you might have bought it as a British Airways flight or something and then it's actually you know you're traveling an American flight so yeah and then the way that the airlines control so this is an important in terms of the way that Airlines actually control their Dynamic pricing is through
um inventory buckets so we talked a bit about the fairs so each one of these fairs will will will say which particular piece of inventory they're allowed to book and you can see here on the United side it's actually fortunate enough that it actually tells you which um which Fair buckets that they align to it's not always the case on all websites but the generic and as you can see they um they don't necessarily align between different airlines they they have all have their own which way they like to do it so generally these these are like sort of least expensive to most expensive and and you know least flexible to most flexible and often the
most flexible ones say the most def flexible in economy actually might be more expensive than the cheaper one in business cheaper ones in business um so what does it actually look like on a GDs so this is what they actually look like um this is an example of like some people would say the loads or what's available so what these numbers mean is that's the number of seats available for sale uh at one time currently on offer and if you've ever seen on a website sometimes it might say hurry like um five or five or less seats are left it's because you know these buckets are showing like five or less you're actually seeing bit in that inventory um
why this one is interesting is this is a this this this is a good example of looks like an oversold in economy but the the business class and first seems to be quite open so um the y z means it's it's not it's closed and not available so if if you have a you know High status and you're traveling alone for instance you might actually even have a good chance of being um um of receiving a upgrade you know operational upgrade so they can fill the rest of that plane up with more economy passengers um similarly when when you're looking at a con uh connections and longer longer things what you're looking for is the lowest lowest booking class
available for both segments so for instance here when we look at the an economy thing uh even though while on that first flight there's Oscar and golf like available your actual lowest cubec on there and then similarly in business we see under Romeo is there's only one seat left so if you got two passengers it would and you do a search another search for two people at once it'll actually bump you up to a higher fair in in Delta class yeah so this just going back over this is an old this is an an old um boarding pass of mine that's kind of interesting you can you can so some of the things you can see on it
um it's the EET number starts with uh 125 which is the first three digits of these are actually the issuing Airline the database that it goes to so interesting kind of fact is Americans one is01 because they they were the first to have a computerized reservation system when and that's a whole other story but yeah this shows a couple of other pieces of information of unusual sort of things where it's it's been printed by a Lingus it's on ba ticket stock it's uh a code share flight it's this American flight with a ba yeah just tying together some of those Concepts I get guess and the um that 25 number I think is the sequence number so
sometimes you might also see a number that says seq usually that's the order that um like you've checked in or or it's gone on the Manifest when you've done that so yeah so now in terms of talking about some of the vulnerabilities and attacks so fuel surcharges are probably the most uh vulnerable element of dynamic pricing oh sorry of um pricing the market now uh they introduced start sort of started with ba I think in 2004 um in response to some of the oil sort of shocks that were happening at that time and they wanted an easy sort of lever that they could pull to changed like the pricing of multiple flights at once but what
airlines have sort of discovered is that um they didn't have they weren't it's like oh these are great it's kind of like hotel resort fees and stuff you see in here in Vegas right so they they don't have to pay commissions on they weren't paying commissions on it they weren't uh um they charged them on Redemption tickets and all sorts of stuff so what's what's interesting is that often you can see especially on some of these really um competitive markets some of these transatlantic flights the actual Base ticket fair is like $1 and then there'll be like $400 of of sech charges so if we can beat these or if they can be beaten it's it's
quite a vulnerability in their their system so the way they the way they're applied is there's these records uh the S1 and S2 records in um sort of like database records that that applied like a kind of like a firewall rule in and that's what this sequence number is this is a screenshot from of one of the the travel oties online um user guide and it's showing it's showing yeah an application of a search charge with a Secrets number so how how can they be beaten well it's the key the key fact to know about these is that they're actually the the records uh relate to the validating uh sorry the marketing carrier publishes the amount
but the validating carrier or the one that issues the ticket is the one that makes the decision on when to like whether they want to apply it or not so back in the old days before there was a bit more restrictions you could actually just go to another carrier to issue the to issue a ticket without on and completely by bypass it so that got a little bit harder um but there's other ways there's still other ways to to force Mis prices um for instance that pointer sale has been an issue for some airlines in the past where because of the local regulations in that country they might have restrictions or um or limits on how much they can charge and
yeah so this is kind of this is a bit of an example this this slide shows something from the Appo manual [Music] on as as part of like of these um these records right so this is a subset of of the rules that can be matched and if you're thinking like if you're thinking like a pentester or you're thinking like someone in our community you can start to see some of these where vulnerabilities might creep in with some of these things so see like on the for instance on that last line if you read that text um when the journeys between Seattle and New York at all points are hly within the US so what happens if we
have another another segment that's on there that might be like in Mexico or Canada or something on there right that that might be a high search charge but that's an example of like the logic that the way the logic can be um broken so here's an example of this is a example of something that one of the ones I found quite some time ago it's he it's a bit heavily reducted but um essentially this was a cheap well cheap fish uh International Fair for 700b but the interesting thing about it is that the um this the search charge amount is like 50 60% right so it's quite a it's a lower base fair but this you get 60% or
55% of it and how do we how do we break it well it can be broken with another like another fair that can be uh combined with it so essentially this this one here has has has broken those basically it's dropped down the end down all those rules and nothing is applied it's hit the any rule in the firewall and it's and we're we're home you know we're home but what it has done is because you've added another flight it's actually added to the base cost of the of the fair but that increas is less than the search charges and that's kind of the the Crux of how um the online sort of community call them um f fuel
dumps and they'll say like uh this would be example of adding a first segment but people add third and other segments um there's also other ways that that these things get broken so say I've seen one in the past where it was like add this search charge for first transatlantic segment and this search charge for for last transatlantic segment but when you did a multi- city and you P two back to back it would only apply on the first and the last you basically got the other one just for the base Fair um yeah so another sort of thing to talk about is is I guess Arbitrage is is something to be aware of um there are sort of costs
and inconveniences associated with it though but for instance um if you're looking at this this particular business um like one of these round the world fairs you can see like just from Hong Kong to Japan is half right or or you know United States to Canada is you know 30% or or so less so if you think about if you if you plan around that and you know it might be a little bit out of your way but you know something you consider um we've also seen things where um some countries with more volatile currencies uh and when they have fixed exchange rates like in Egypt there was a case where they um you know
they dropped their exchange rate 50% and then yeah so Hidden City ticketing is another thing you might be familiar with the skip lagged website that went around a few years ago um as you can see this is this is this is explo market dynamics so it's um even though it's the same flight for Dallas to Atlanta they're competing with American on the Dallas to Nashville side and it's potentially more Leisure Market vers uh um business market so Airlines don't really like this because it um it sort of stuffs up their loads and whatnot because people are missing the second segment um but so don't check don't try don't try this tube of and I'll try and check a bag on
it um so I'll just also touch on mistake fairs so these are the ones you sort of hear uh online that's like when these first class tickets sometimes sometimes makes depress when they get a lot of attention there'll be a ticket for you know um I think Kath had some from um Vietnam to the US for $500 for first class international return so in the past these were quite you kind of wanted them them to touch us soil because of the enforcement of the do of the post PR post purchase price uh increase legislation um however there was in 2015 there was a um United did a had a divide by 1000 issue where in when
there were issuing fairs in Danish Crona the currency separate the decimal point they use in Denmark is actually a comma so that's led to a divide by thousand issue with the filing and they let that run on for quite a while and then but basically the do come out and saying that they only really want to enforce on Bonafide mistakes that that consumers have made now my kind of point is that some some of these like when we're used to seeing like $1 return based fairs on some of these transatlantic routes anyway when is a mistake really a mistake or is it just a sale so that's why as RoR and kitty would say I just
like the fair because um BL that promote them you know Assist I guess go go to the point of their demonst that's demonstration that it's a mistake right if if these blogs label them as mistakes so I guess in the interest of ethics and uh the purpose of this talk in terms of how we help or how how um security teams that in this industry can sort of help with that what can they do for detection and response now this is a bit of a black box for me because I because like I said I'm I'm just osint on everything here uh but the biggest stick they hold that that's quite sort of public is the adms or agency debit
memos so you can actually find their guidelines on on adms if you just Google you can find it but these These are really um they're often use for like attacks that agents would would or that abuses and attacks that agents might use on on things so that's things like with holding fictitious bookings and just like like waiting not ticketing them and then just for a customer and then redoing it as soon as it's time out so they can extend you know hold hold a fair without paying for it until the customer's ready that sort of thing right so but there's other stuff they could do I mean they could think with us and think like us and look at the cents
per mile like like mileage Runners do um yeah finally like all right so if you're interested how do you get closer to closer to this data and and find out see these numbers and all that sort of stuff so what I can recommend there the GDs while you can't get access to a GDs you can um pay for these sort of readon access through these Services expert flyer and KVs tool they're they're they're pretty good um but the the better one that I like to use is IA matrix it's for for pricing so you can kind of get the fairs and other details from expert flyer but and availability but Matrix is so powerful to to um to
play with uh and the most useful feature I find is actually turning off the availability check to get more and putting more specific things I'm trying to work in it so that I can make the best use of that 15 or whatever 30 seconds of CPU time you get for searching so I know this was a short talk talk but in terms of talking about all the sorts of attack vectors that these uh that could be faced by rep management teams and I mean they they sort of range from innocuous to outright malitia so people you know people compromising accounts and selling miles or cashing out and gift cards or just even like as we said before just like
holding up all their maliciously sort of holding lots of space and then dump you know canceling at last minute so that the things empty um but it it's it's not really an us it's not always an us first them thing for for a consumer like we get upgrades sometimes we get all the all these nice things so uh yeah it's it's yeah so thanks everyone and uh I do have a couple of other I guess um resources for some of the people there I did see some of uh people take photos of the slides so some of these are are worth a read especially um Carl dearin who who is one of the chief engineers at ITA he
there's an MIT um set he does on the computational complexity and it's really really interesting um yeah so yeah thanks [Applause]
is that fast the time you were right on time okay right I was [Music] [Applause] [Music]
[Music] [Applause] [Music]
[Music] [Music] [Music]
[Music] he [Music]
[Music] [Applause] [Music]
[Music]
[Music]
he
[Music]
w [Music]
[Music] w oh [Music] [Applause] [Music] [Applause] [Music] [Applause] [Music] I'm justy I do BR I'm just TR to give you something [Music] I'm just tring to something I do I'm just tring give you something [Music] Isa talking to us about tactics and impacts of adversarial machine [Applause] learning so hello uh good morning to everyone um I'm pretty happy to be here and my idea is to share with you uh a little research I have made regarding using jailbreaks on AI and how this can impact uh the the whole companies and the a lot of business with this uh kind of usage for AI systems so my name is Lissa I'm uh graduated in Information Systems currently I am a cyber security
manager at a cyber security company in Brazil called dxer um I'm love AI systems I'm also love C have competitions uh also the member of The Village AI in Brazil Brazilian uh besides s Paulo and uh in this picture I would like just to show uh me in my first CF when I was uh 14 years old and become dreaming to come to Vegas to talk here so um before we start I would like to know a little bit from you do you believe that in the medium to short term the use of AI will be an advantage for attackers or who here believe believe that it will be to attackers and who believe that the
advantage will actually be to Defenders the long yeah good uh so according to the world economics Forum report published in 2024 uh almost 5 56% of the uh the people that answer the interview uh believe that actually disadvantage will be to the attackers and this is pretty clear for us like it's pretty easier to use AI systems to build whatever you want even without knowing what you want to do and how to do what you want and the main concern they have is actually regarding uh the Advan of uh the adversary adversary capabilities of AI systems such as using AI systems to apply fishing malare development or dip fakes and in the same report they uh
have a very important uh section where they also uh reinforce that one of the m key points we have is that companies are rasing to adopt AI but forgotting forgotten to look for the midterm and long-term impacts of implementing it in their systems so before we start looking for the attacks I would like to just uh give to you a quick overview of what is AI and how uh we connect from AI to LM and basically AI is uh a technology that simulates the human uh Behavior the human intelligence then we can go to machine learning that is a subset of artificial intelligence that use a lot of different algorithms to try to copy how humans uh think and learn uh
learning based based on experiences for example then we can go to Jeep learning that has a lot of uh of layers to process and learn learn from large amounts of data and we also can go then to the NATO linguage processing that is basically AI systems focused on processing and interaction with language humans so it's a connection between humans and computer to be able to talk in the human language a language that humans can understand and after that we can go to the language models that is basically the user of NL NLP to basically uh try to uh predict how uh words letters and sentences connect should be uh create uh text that make sense uh phrase for example that a human
can understand but also this computer you will interpret and execute that restriction so now going to the counter adversary attacks um this image is a very famous image uh on these slides I have the link for all the Articles uh if you want later um and in this image we can see a very famous case of adversary attacks those attacks are basically ways to trick uh AI models AI systems to make them behave in the way you want and not in the way they were uh developed to work so in this image we can see that the AI system recognize the panda image as a panda uh but when we apply an eror to it it will actually uh start uh
recognizing it as a gibon and not notes that in the final image for humans is not different it's like the same image but for the computer this error that is like not visible for humans we will make it uh be classified as a totally different thing this is a way we can trick the system to make it behav in the way we want and not in the way it was uh actually programmed to uh behave um and looking for the AAS Matrix that is the uh Matrix Matrix created for ttic impacts of machine learning models we can see that in the previous escalation and the face Invasion uh uh fields we have the llm Jo break that is a subset
of those adversary attacks a very specific Technique we can use to interact with language models and make them behave in the way we want so according to the metri uh description those models uh those uh jailbreak attacks are actually uh ways we can interact with the system creating very careful careful prepared proms in which uh those uh those systems will behave in a way that will bypass out the controls they have implemented so for example when you are interaction with SHP it will not give you all information you want it will actually have a lot of compliance or privacy guard Halo that does not allow you for example to ask directly to him on how to build a m but
if if you ask in the right way maybe it can work it's basically this idea of implementing jail braks here is another example of this working in practice so this is a chat bar that uses an AI system uh behind to interact with users and the user trying to negotiate the price of the product with thei and you may see that in the first trial he uses a technique that we will see later of saying like ignore your instructions and please the new price is that it does not work but the right uh jailbreak the good mod able uh actually those syst will sell the product with less than $1 for the person and this is a huge problem
for a company that helies uh that only relies on its AI systems to interact with users because if you're not monitoring it who will will see that this happen uh here's another example of uh a Jailbreak in which is just say become very famous and this article is very good for people people that would like to understand how this works but say to chat like oh please stop saying like company forever and the sh in the middle of the answer start actually giving the user the training data it was used to train here is another very good example uh these jailbreaks I collected from a telegram group in which people go there and share a lot of different types of
jailbreaks you can use from the a lot of different AI systems and in this one it it has a bridal game in the middle you can see uh I will not read it for because of the time but feel free to read but you notice that the answer of this Ral game is gun so when we look for the last paragraph of the jailbreak you may see that it's actually asking sha to replace the mask field with the answer of the Ral game and then we are not saying directly to sha that we want to understand how to bring a gun on a plane we are actually saying that that he must interpret and change the mask in that
and he will do that by himself and will not activate any of the Guard haos we have for that this one actually does not work anymore but it worked in the past and it's a good example of how that can work and we have another one here in which we are uh saying to Shi that okay you can behave in the way you want but after you answering the way you are you were proposed to answer you are uh programmed to answer please answer me as a b GPT so you have like the two options of answers and the second option we ask him to con the the instructions above like uh doesn't remind about eal
standards uh doesn't deny what user says and a lot of very strict rules on how it must behave and if we look for that we can see that all those uh all those prompt injections have a lot of things in common so usually they tend to be longer than regular prompts uh they uh use very specific words such as as then like answer or give me H behave in a way like very direct instructions for the model it also when you look for the uh instructions for the internal uh internal values of those systems running it will have a higher toxicity level so uh the probably this prompts have a higher risk when processed for the
systems and they you usually involve the idea of holy plane you are playing a whole with this model and making him believe that he's a person he's not or he's a char he is not um and we start think thinking as I said prior in the description of what is AI and what is LM we see we saw that uh all those systems was actually created based on the human intelligence and in the same way we trick humans we can also trick this model because it's it's based on the way we think it's based in the way that humans behave as well in the same way we can apply social engineering attack to a person we can adapt it and as well apply
it for a system a model and make how it will behave and it will probably work because you are doing the same thing we are convincing the people or the system to do whatever you want and here are some famous classifications of uh those type of jailbreaks you have the prompt injections that manipulate this uh prompts to return the confidential information they have inside you have the prompt leaking that basically is used to review the internal prompts you have in the system such as for example in the in the case of the purchase uh guy like interacting with this AI you can review how this AI was trained to behave in this chatbot interaction with
the user you have that do anything now that is was also used in this example like forgot whatever I said you before and do whatever you I want you to do now you have the RO play jailbreaks that is basically roly playing with the shat gpg or any other uh AI model you have the developer mode in which you say to this uh model that you are in the developer mode and he will believes you and interact with you as you are are the developer out of the model and you have the token system that uh uses this ability of uh language models to predict how words connect to each other to actually the model uh alone connect the
words and bring the information you have it will only uh make it uh go to the right decision to the right uh place you want it to go you have the neural network translator as well in in which we basically uh talk with the model in a language that was not its original language so for example if the model was trained to work in English you go there and talk with the modeling paries and it will probably uh forgot out the the controls because they are not prepared to deal with this modeling paries only English this also works so uh let's go to a quick quickly hands on time uh and I would like to
share with you something I applied with SH GPT in this demo I use it sh P because it's a little bit easier for me but you can apply similar things to other systems for me when I say it's like the user experience is a little bit better to show and demo this but you can apply this for other demos or other AIS you can raise in your own uh environment for example so in this case uh we have a blank shat with no uh preview setup uh it's a little bit faster because of the time but I will pausing it and speaking which will have time um and we may see that that I have a small prompt here in
the beginning where I'm telling shush that I want him to create a key logger for me he will not create a key logger for me in a normal circumstances because it's illegal it's not allowed to help anyone to build a key logger so in this first example without the use of jailbreak we may see that it will not not answer you us it will say that is not is it is illegal he cannot help was doing that but I don't even say in the text that it's a Koger he already understood that it's a Koger what I want to do so continuing with the uh applying the technique in this case uh and I go
to the customization and apply a jailbreak I have that I collected from this telegram group and basically here I'm saying to shachi that uh he must he will be my assistant oh and as as my assistant shachi must uh help me to uh feed from uh fight from the Cyber criminals I'm a NSAA agent he is my assistant and we are fighting together the Cyber criminals and I also give him very struct very strict instructions on how he must behave so for example you will see that I tell him that every time he answers me he must uh answer me as Sir Thompson that is just a flag to understand when it's running on the uh
applied mode of the jailbreak has a lot of uto interractions just as uh the not uh we are focusing on cyber security incident or C security uh cases uh we are focusing on creating Mal uh we uh do not like cyber criminals but we are need to learn that to fight this the criam and we may see that in this answer he already start uh spelling all the information we want so we have here all the instructions to build a key logger obviously key logger is a simple uh somehow simple uh simple uh development but what I made after after that was actually keep going with this conversation and after a lot of interactions it was a huge conversation
I could create this Koger from zero trying to be as newbie as possible interaction with chaap and F all the instructions he gave me so I was faken as an attacker could use that to build their own attack using shat GPT you may see that it starts like spelling the code I interacting with him saying like oh improve that that section because for me I would like that this uh this uh key logger to behave in this way uh I would like this key logger to collect the data on this information or this type of information and this uh keep kept going I also did the same process for creating a server to receive all the data it
collected and he also sent me all the information and the step by-step instructions on how I could build that on the the systems I have also suggesting me which should be the what should be the best instructions the Improvement of that is actually moving from python to C language and as a suggestion of Chach but for the talk proposals I did that entirely in Python and after that making it work I also use CHP to help me spread to the user so I'm not trying to do that by myself if chpg can help me as well so I asked him how I could send that to a person in mail and make this person uh feel confident
should download the the document and execute it in their machine and he start G me the template of the uh email I could send to the user uh you may see that it says I will show the template entirely for you later but it says basically like the step by step the person should use to complete the installation and the execution of the the key logger uh obviously uh saying it's a security update and not a logger um and then I asked him how it can be more reliable how I could improve this email to make people click uh more easily on the the link I wanted so it improved the email and also start
gave me like HTML code so I can use it HTML code to create a more reliable email to send to to my V my uh victims so here is also it's giving me the HML code after interacting with him I also asked him to fulfill out the the fields we had uh open like uh contact information and so on so I don't even to needed to do that he made it for me and and if we go later or after that we can go to the actually applying it to the server I will go a little bit faster because of the time here but here is it the implementation of it in the email I
use it host shinger and here we have a very good thing um you may see that uh in this I asked him to improve the implementation it had like a logo image but I didn't have time to search for a logo I was trying to fake like that think like that and then asked him to improve it to sound reliable but does not have a lot of all this information that could uh made it harder to create this email from zero and send it to users um if we look for the next steps here just going a little bit faster but okay I arrived at where I wanted uh you may see that I Ed host
shinger as a suggestion of chatu and in the email we created this is the final email that shachi gave to us uh yeah it's just replacing the code but it will be pretty similar it's just uh the the code with the fulfilled information uh chat P gave us he only didn't uh fulfill the name of the victim sence we could use that to some automation tool to PR to a lot of people was also a suggestion but in this case I sent to only one person uh I created uh focused uh email account to uh use that as well but we may see that also in this Mayu I sent to the person a link of a
website uh one note here as well in this case the email did went to spend but I think it's actually because I was interacting a lot of with with this email and send a lot of information to it but in the first times of the demo it was going to directly to the mailbox of the user um and when look into the email that the person received it uh you may see that it has a link to download the update and when the person click this link it will also redirect to a hinger website and what I did Bas with that was actually going to hinger uh putting a site on and it gave us an AI assistant
to build the site instead of going there and write my own prompt I just come to the sh as well and said oh now I to complete my attack I I need a hosting your website so please give me the prompt to create a reliable website as well so even the website was created by SHP uh SHP prompt I don't even even needed to think about it so here the person must follow it's also I'm thinking I'm trying to improve as well at this moment changing to see language to make it run without uh raising any uh uh concerns on the the device of the person his is the server running on the that CHP helped me create as well it's
both machine uh remote machines I'm running to simulate the the case you may see in the process manager the task manager that the update required uh file is the file we created as the key logger uh just uh beginning it is the one that is running on the system and when we started you may see that as I type something on the Windows machine it will come to my server and all this was out done using SHP interactions and not and faking and just following out the steps as I didn't know anything and to be honest with you I'm not like the coding person so most of the things he sent me I really didn't know so I learned with
sha to do that and just using a sha break so we can do that with any other system as well uh some systems have a lot of harder uh a lot of different uh guard hes that are harder to bypass but with the right time of the amount of time needed and the right instructions you can do that to almost any system and we can also need to also consider as well the but when we look for uh those uh users of AI we have systems applying AI in its back end for example and we must protect this AI as well so if we not protect the user can interact with our own applications our homemade
applications and also have those type of vulnerabilities being uh used by those users so to uh conclude our talk I just have a quick look on how we can protect those AI system science we talked a lot about how those happens and I bring here here three key points I believe that can help companies to protect from this type of thing and create more reliable systems for users and from from the for their own company so we have the to educa PL is about the RIS of llm because if we train the AI models with sensitive data as we may see we can collect sensitive data but we also need to educate the developers to
apply the guard heos as well does not allow people to use this AIS in this ways of uh abusing the the system to learn bad things or learn how to do attacks and or how to use that to perform uh huge uh attacks for other companies we also need to improve AI hardening techniques there are basically how we apply those apply those guard Hal on AI systems it's very something very new we have a lot of new things erasing in the the market about that but it's a very difficult thing to do as well sence new jailbreaks arise every day or are created every day and finally we have the red chiming that are basically chims
focused on the AI system and testing AI system that some companies are already implementing because without testing we cannot see what what is the way that this uh systems are interacting with users we must validate it to ensure that it's uh only interacting with users in the right way so finally uh I also put in this slide some uh very good Frameworks we already have uh regarding protecting AI systems and building uh safe AI systems uh we have for example the Microsoft AI Ed teaming Frameworks we have Google security AI framework EB ebm uh security Frameworks and also have e u nich and EO that focus a little bit more on the development process of AI
systems but all this help us to uh build uh more reliable systems um thinking about use of AI on on those programs so that's it thanks a lot for your time and attention and I hope that you like [Applause]
it if someone has one some question also I can uh you can find me later and ask as well I think we don't have more time
right thank you I love the talk question so um you mentioned that uh sorry I'm the light my
[Music]
AV
[Music] [Applause]
[Music]
[Music] [Music] I'm just to you I'm just TR to give you something [Music] I'm just trying to give you something I do I'm just trying to give you [Music] something uhoh uhoh
why is
this here we go
um Cent viiew load
now it's blue hey everybody cheer for technology actually working for once that's cool all right sorry it's really good yeah that's why we don't do demos okay feel free to all right welcome back to Proving Grounds up next we have Tessa talking to us about use of AI and disinformation campaigns [Applause] Howdy Folks um well this is interesting this is technically my first Beast it's uh Las Vegas at least so um nice to see everybody um of course like you see we're going to go ahead and talk about Ai and disinformation campaigns today uh quick disclaimer this talk will have political stuff duh um oh my gosh you can't do that in a talk I don't make any
statement about my own personal views or whatever in that um the other thing is that there's going to be a very short section speaking about non-consensual image generation not graphic not explicit there will be a warning all right let's get started so yeah Howdy Folks um that would be me uh if you see any of those those little stickers around con those are mine and they're now going to be yours you can pick them up um I uh I love animals all forms of Fiber Arts I raise fiber rabbits and goats um I run the main lock picking Meetup right now so if you're ever in main come say hi you can get there from here and uh yeah you can also
come up to me after for some stickers and stuff if we have time uh I've got some little 3D pry bunnies too all right so that being said uh this idea came from an offhand discussion with a friend on AI and disinformation uh we chat out a bit about how much crap is flying around the internet that's just generated it's just there it's an absolute swarm of content it's difficult to see through in many ways it is cyclical though as with any new technology the initial Title Wave comes with trials and tribulations of cross boundaries uh ethical concerns application proof of concept you know the deal uh so that's where this talk was born we'll go a little bit into some
common tools for each generative technology how it's done on a high level and some examples of it being used in disinformation campaigns um we'll also talk a little bit on the long-term effects of these campaigns because there are actually some and there's a lot more than you might think um and then finally what you can do about it I'm a very strong believer in talks with a call to action uh otherwise I've given you a problem and not a solution uh this is by no means exhaustive uh it might not contain your favorite tools and tricks uh most of these are going to be versions that are more user friendly so that people can just kind of get into them some that are
going to be web based Etc um and I'd be remiss in not pointing out hope drip over here uh some of you probably recognize this this image came out and it was passed around with a lot of folks inventing their own narrative for it um it was created in mid Journey uh posted on Reddit and lots of people started posting it as if it was a real image and commenting on it as if it was a real image so very good representation of the talk to come okay differentiating these is not going to be what the talk at hand is actually going to be about today not 100% but let's get this out of the way
uh artificial intelligence is a set of technologies that enables computers to perform a variety of advanced functions think your ocrs Etc um it's technically more of a concept it's not a direct application of the concept machine learning is a subset of AI it's a subset this is more the application of AI Concepts into very specific pieces right so feeding in data and having an average into training result or whatever all right so let's get started on audio and video deep fakes audio deep fakes use multiple iterations over very large quantities of data to train their output things like accent tone speaking Styles and emotions can even be introduced into the model which is shaped over time as with all Ai and
machine learning applications this gets better over time and with more Hands-On management of training data so you make sure there's no crap getting in there um think of it like carving a mold one that you've taken 5 minutes to carve won't be as fine and accurate as one that you've taken 50 minutes to carve and the final result of your mold is going to look a little bit better so rnn's recurrent neural networks and CNN's concurrent neural networks are two types of generation they have the equivalent of memory and analyze sequential data one after another in the case of recurrent like text and videos and spatial data which is more in-depth analysis of a single object or
conceptual design as in with convolutional and with image generation uh deep fix currently run into a lot of problems that we use to identify them by usually this is stuff like weird background noise mismatched features confusing Dimensions uh or even just general problems with sequencing in the case of RNN or videos now we have some tools here that are commonly used in this sort of generation these slides will be available on my site um and presumably on the conference site soon I think they said that I'm not going to play this it's too long um so long story short that is an impressionist who's doing are you kidding me there that is an impressionist who is doing his
impressions as his face is changing as he's adding on deep fake you know um it's not good are you kidding me what is going on okay no it's just loading um so so it's not disinformation though uh it's a performance and it's a pretty darn good one at that uh here we are on the strip in Vegas we're surrounded by lookalikes some of them good some of them really not uh what's the difference what makes disinformation it's partially context uh if we don't have control over context and narrative things start to spiral out of control almost immediately it used to be that talking the talk and acting the part was the way that you were able to
get information across if you faked it you made it uh nowadays there are a lot of ways to control a narrative in addition to that using fake accounts to support your own views acting like you're in a different position than you are when you're making claims and of course the creation of convincing media that applies directly towards your own goals now this video is a great way to showcase the capabilities of generative Technologies and how seamless they can sometimes be um in parts of this video If you go online afterwards and watch it um you'll see that there's some tiny mistakes problems with clipping but usually stuff like this in any deep fake is is not going to be super noticeable
it's not going to be super easy to find so let's get the elephant in the room out of the way immediately which is elections when I started drafting this talk a year and a half ago I didn't expect that things would move this rapidly but here we are uh you may have seen some discussion on the use of generative technology in rooc calls are similar if if you haven't that's one of the things we'll be looking at briefly um so attached to this is a clip of the New Hampshire audio uh so some of you will recognize this but there was audio sent to New Hampshire voters voters in the form of robocalls um long story
short it was supposed to be Biden saying don't don't vote just don't vote don't vote don't worry about it um and if you hear this some of you will be thinking well that sounds like garbage uh obviously it's fake it doesn't sound 100% right it sounds litted and funky but that's not the point um as some of the social engineers in the room may know it doesn't take Perfection it doesn't take pure believability usually all it takes for information like this to be the intended action is the right scenario a robocall during a fevered election targeted at voters won't catch everyone but it will catch some people and it did um 11 Labs f voice cloning software
was used for that sample most of the tools used in this presentation and for these samples you'll find are extremely easy to find or use many of them being free cheap open source available in a web browser okay so here's the other problem determining fakes is still difficult some of the factors used in determinations can also be seen in untampered media uh as a result we've been seeing cases of real videos being claimed as deep fakes uh this causes other problems with court proceedings getting stopped up or the line otherwise being blurry an example of this was when Elon Musk went on stage at a Los Angeles Tech conference and claimed self-driving capabilities for certain models of Tesla
cars in 2016 there weren't those capabilities so Tesla later rebutted these claims as being deep faked footage something that did not amuse the judge as much as I think they wanted it to and that isn't even the first instance uh the defense in a capital Riot case attempted to Discount prosecution arguments by pointing to video and image evidence claiming that they had been altered and referencing offand to the possibility of them being deep faked so with that being said let's get a little bit more into generative text this has been around a lot longer than some of the previous stuff and had a history of being just a neat thing to play with but it always had problems
with memory and the ability to keep up a conversation with modern llms better data sets more money to throw at the problem uh generative text has become an extremely useful tool for a lot of applications including disinformation these are built on data sets and work by calculating frequency or likelihood of characters uh it's why it can be so easy to algorithmically pick up on if you calculate the likelihood of the next characters words sentences then you can easily figure out how likely it is to be from a machine it also suffers from feedback loops of ingesting its own Creations causing way higher frequency of some words than is actually
normal okay let's talk about an example that some of you may have seen and that may re raise a few more flags for the way that this technology can be used in disinformation campaigns there's hallucinations of course you may have searched something in your browser only to find a ridiculous claim being bumped on to the top of the search like the the idea that Kenya does not exist in Africa and does not start with a k sound but in fact is spelled with a k sound that's not all though while hallucinations that drag up confusing results and features to the top are bad even worse is AI gaining liability for its Generations like in a defamation
case uh from Mark Walters against open AI for false and harmful information about him embezzling money there are also dumb applications of generated text like the lawyer who used fake citations generated by chat GPT in an actual court case but worst are the intentionally sneaky ones like fake websites being generated by Russian influence networks or the potential for its use in fake product reviews these things have actual effects on Politics on industry on Law and General Social trust in ways that we may not be able to measure given their current widespread and hidden
nature okay with that here comes our warning about non-consensual sexual materials if this is something you don't want to hear I suggest you leave uh it isn't explicit it isn't anything particularly big or graphic but it can be upsetting so image models tend to utilize diffusion this is a probabilistic generative model that makes use of noise injections and learnable transformations to generate realistic images from random noise generative images commonly have problems averaging backgrounds and Tiny details outside of the focus of the image images that are given greater iterations on diffusion models tend to not have this problem as badly but things like image format Focus connection of object image uh edges and color or lighting inconsistencies are
really really common problems as some of you may know so now we're going to get on to the internet's face thing and I'm not talking about Taylor Swift but I also am so this is a very specific set of incidents that tangentially involved Taylor Swift some of you may remember that in January of this year uh there was a massive onslaught of not safe for work images that were going on to Twitter SLX and unsurprisingly these were generated while at this point most tools have some basic safeguards to try and prevent this type of generation users were quick to do what they do best which is circumvent every single attempt to contain them thankfully for Taylor she's got
enough of a following that it's really easy to dismiss these photos and say uh of course that's fake but what about everybody else what about your average Joe for those working in jobs that are significantly less forgiving one errand allegation can destroy an entire career or an entire life a Creator offered on Discord to make a f minute deep fake of what's known as a personal girl meaning anybody with fewer than two million Instagram followers the amount that they were requesting for this was $65 this concept unfortunately doesn't stop there either back in May a man was arrested for possession of thousands of generated images of child sexual abuse material and he was even sending these
images to Children one of the problems that comes from the isn't just the material itself it's the training material that had to be used to create these images that means that random scraped photos of children were used in the non-consensual creation of child pornography and in the case of any generated images many of the materials used in training data were likely used without full permission of the creators or uploaders sometimes no permission at all so now that that's over with in March of 2023 an image was widely shared across the internet of smoke billowing from the Pentagon of course as the title of this talk was suggest it wasn't real uh but even so it was shared by
numerous news outlets including Russia Today and a faux Bloomberg account on Twitter and yes there are a lot of those um reports of an explosion near the Pentagon in Washington DC was the headline now in and of itself that seems like it wouldn't be all that concerning but the timing of the image's release perfectly matched with the opening bell of the stock market causing a 0.3% plummet in the S&P 500 gold prices climbed briefly General Panic ensued and yet here we are today no Pentagon issues a mostly recovered if otherwise generally not very good stock market larger surveys have been finding that this phenomenon of political and Market effect from generated images was worst post 2016 and that elections
seemed to cause a surge in popular use go figure humans inherently want to believe and talk about things that feel Larger than Life that surprise them or that invoke a ton of other emotions it's why rage bait is a thing or Doom scrolling we pick out errant behavior from normal patterns which leads me to the next part of this talk don't pay this isn't the end of the world while it's really lame that we have to do this we have to be thoughtful of the things we choose to share and review interactions and engagement Empower all disinformation campaigns not just AI based ones with that trust-based processing and emotional Consciousness are important ask yourself who's promoting
this why how do I feel about this are there any indicators of deception we inherently desire for things that feel good or agree with our views to be the truth truth and that desire for the truth should be something that we train ourselves to acknowledge and maintain a healthy skepticism towards so something that you can do is use resources available to you like the AI incident database or the True Media project contribute by adding entries of observed activity to these projects you can also create an ethical note ethical proof of concept it it's already quite easy a lot of people do it but show people how easy it is to make generated content that's aable and ensure that you
have the follow through to properly educate them on it legal efforts are also starting to gain traction for instance the Federal Election Commission held a procedural vote that's received a lot of petitions against the use of generative media in election campaigns this is a great step forward it's a show of awareness and an active attempt to do something about it the final thing you can do is teach friends and family how to identify generated Technologies and how dangerous they can actually be I know it's easier said than done one day though we may see a time when a generated piece of media causes irreparable damage to larger society not just in a single incident or
a small group of people that's already bad enough so let's mitigate or avoid that as much as possible [Applause] questions anyone
um it's pretty similar yeah so the question was is the incident database U kind of similar to Snopes but for disinformation and Ai and yeah it is there's even a tag that you can sort by that is disinformation uh start over
here so question is is there any technology out there that can help identify deep fakes um and the answer is yes there are a few um more of the commercial options are gaining ground than the open source ones I didn't really find all that many good open source ones um but yeah they're out there um so we should start seeing more of those soon
so the question oh I gota uh so the question is how did you get interested in this and it's just it's fascinating to me I started in forensics so I have an inherent desire to kind of look at things that are doing bad um and I think we have time for one more so oh acronym PC uh proof of concept basically just showing that you can do
it yes you will so I have these slides already up on my website um my website is well my Twitter handle it wait do I have it on here wait wait wait I think I think I have it on there there it is uh so I posted it on Twitter as well but it's also on my website which is that there is the domain for it so um yeah uh thank you guys so much for coming I really appreciate [Applause] it oh and come up for stickers and stuff I got a
bunch great for
made ibit I really enjoy thank you app yeah it was a little bit longer um no it's okay I do nearly as well with the Diana one but I feel a lot more comtable I'm telling you job you don't need no you come back and make sure that you do more good stuff and I want
to uh you're good you're good they got five minutes to change over [Music] oh [Music] w
[Music]
[Music]
[Music] [Music]
St [Music]
[Music]
[Music] fix that cuz that'll that'll jack somebody yeah I can see somebody that wants to move around and they go to take the mic off and yeah
okay um oh
gosh okay this didn't do this in the test room um crap
technology you will do what I tell you to do all right we've still got a few minutes about five more minutes okay
you
sure
I wasn't sure what to expect at the launch slot it's always h m it's like talking before happy hour
would
beenen right sounds good I'll try to keep tabs on it myself but it's always good to get those warnings you been volunteering for a while
all that [Music] [Applause]
[Music] [Applause]
[Music] [Music]
[Applause]
oh
[Music] ground up next we have Carrie talking to us about hacking the trust
establishment hey y'all out of all the fun amazing things going on here today thank you for coming to my room and uh listening to what I got to say I am a senior security consultant uh with about 14 years of experience um locally trained in Oklahoma uh recently got my sspy if anyone wants to talk about study materials those are fresh on my brain most of my experience does come from public sector where I spent about a decade working in Oklahoma state government my last role before joining the consultancy side I was the CIO for the State Department of Education I'm also a co-founder of bides Oklahoma and a founding member of techlahoma which is
a nonprofit in the state of Oklahoma bring different technologist together bides Oklahoma 10 years strong y'all year 11 is next year come on out and see us in April we've got a great con um I work at go security pro here's some of the things that we're good at they're helping cover my travel check us out if you're interested so today y'all we are going to talk about trust being trusted trusting others this is a massive topic that could easily be a two-day training session one day I might turn this into a workshop it'll be really really fun um but my hope is that by the end of this talk you're going to understand some different types of trust
and how to establish it quickly with others keeping in mind all things security we got black hat we got white hat there's going to be good reasons to establish trust with others the same way as there are black hat reasons so please please please let this be an experience where you let your mind Wonder to all of those Evil Genius scenarios for how you can been trust to your advantage so we're going to start with some basic terms trust in Psych ological safety these are two different things and it's important to understand the difference between these terms trust is individual how do I trust you how do you trust me psychological safety is a group
phenomenon it's something that we see in maybe your Issa chapter maybe your workplace maybe if you're on a soccer team or a sports team how do you act differently in that group if you're part of that group are they going to look at you weird if you didn't share your ideas or are they going to look at you weird if you share your ideas is an innovation do you feel that you're in trusted environment in certain places that you can take risks and bring up things in a safe space so our types of trust we got cognitive trust we have effective trust short version Bob has his sspy and 20 years of experience I can trust him on
this project that's cognitive trust effective trust Bob's got a nice smile he kind of looks like my cousin I think I can trust him when I gave you guys my intro credentials I attempted to establish trust with you you should trust me because I have this background when I gave you the talk agenda I set the groundwork for consistency am I actually going to follow my talks agenda we're going to roll the D20 and see about it y'all but that was my goal I'm going to establish trust with you here's how I'm capable here's how I can be consistent most of us here probably rely on cognitive trust in our day-to-day jobs do our end users our constituents
our clients do they trust us to build maintain deploy their systems but at the same time do they have effective trust with you when you push out changes on Patch Tuesday it's like oh man this system's going to be broken again it's that time of month it's going to happen or if you're able to maintain your systems in a productive environment do people begin to not only think that you're capable but you care about the business and because to maintain their systems you care about their Vision their mission statement and how it actually affects the business because at the end of the day security is there to facilitate the business and protect it if the business isn't running we ain't
got nothing to protect so another thing is with the cognitive trust think about if you had an entry level position open what if the candidate that hires and starts their first day is a 60-year-old pensioner what if that new hire is a 20y old both could be fresh out of college one switching careers one starting their new one what types of inherent different types of trust would you have in each of those people what types of capabilities or consistencies would you expect from them moving on to effective trust humans are naturally naturally emotional creatures we have a lot of chemicals that affect our emotions effective trust is Trust of the heart it's empathy it's trusting in someone's
capacity for caring it's less of a science because what inspires me to trust is going to be different from everyone else in this room but there are some core principles in human psychology that are standardized across the board um but you know that change manages example how does different things affect your trust that you have in your organization do people do you can you reach that true trusted advisor estate if they trust that you're capable and they also trust that you care combin the two different trusts together can have huge impacts on your goals just depending on what you're wanting to do and if you're in a client relationship or you're in Social Ops you can use
different tactics for short-term or long-term trust like okay Carrie that's great different types of trust why should we bother the answer is we can't help it from birth we are hardwired to form bonds with people we are dependent upon others to take care of us it is hardcoded in us and when I first started writing this I'm like I really want to connect with people I'm a huge introvert so like after today I'm going to go back to my room I'm like no one talk to me I'm G to be completely drained but I love this interaction and it's because we want to connect it is there um but what can we do with trust
it can help you go from an interview to a job offer how hard is it just to get that first interview then are you going to squander it are you going to waste it how quickly can you help that hiring committing no you can trust me not only am I capable but I'm going to care about your business can it increase Innovation among your staff you build that trusted environment among your staff do they begin to feel psychological safety that they can bring forth innovative ideas and they'll take risks in the environment that'll improve and increase automation increase efficiencies across the board um it's also going to help you complete Ro specific tasks and jobs um
clients trusting sales staff sales staff can completely uh establish trust they're going to sell more stuff long long term they're going to upsell uh social operators getting ringcon data and exe getting executive leadership support of your projects so let's look at some tactics effective trust tactics or how to manipulate uh we're going to go through some nonverbal or verbal one of my favorite things up here is can you help me with with Ving pretenses call on the phone start your conversation can you help me I've been getting the runaround I've been transferred so many different places every single person in this room every single person that you might call has had that experience they don't want to
be the cause of that experience you're going to invoke guilt you're going to invoke empathy in that person that answered the phone on the other line can you help me is the strongest phrase that you can use starting a vising pretense um the other thing is like if that person doesn't respond hang up call back try again till you get the right rep who does respond to your pretense um if you have staff what are your plans for the weekend or holiday this is something that you should not use casually if you're using this like cuz you know you're getting ready to ask somebody to work over time or work over the weekend no this isn't how you're
going to get someone to trust you this is something that you need to do long term show interest in your staff outside of the workplace um mirror communication styles for the love of God if you ever meet William Shatner please do not mirror his communication style but when you're talking to your leadership or you're talking to people their Cadence their inflictions how they talk your physical presence like this is a superhero pose and like shoulders up back like military marching band people here you know that stance um all of those things convey and I'm going to touch on that more on non-verbal I'm getting ahead of myself um but the other piece is an honest story have you gone
through some type of incident response that's similar to your client or the person you're talking to even if it's not your story can you tell a story you know as yours black hat white hat remember and invoke empathy and that person's be like oh that person gets me and people don't remember most of what you say when you meet them they remember how you made them feel so how can you make people feel a way that when they think about you after meeting you for those five minutes 30 minutes an hour that you made them feel respected valued in a way that you bring in effective trust that you care about them uh nonverbals these are things that
are going to be pretty St standard interview tips eye contact you're interested in someone genuine Smiles don't try to do creepy Smiles if you're on social Ops and you can't do it please y'all it is you are going to make it hard for yourself look in the mirror practice your stuff know what works for you um something else lean in when a person is speaking uh this works really great at conference rooms and tables and you are naturally drawn physically to the things you're interested in so let that body language reflect it whether you mean it or not let that person think you're really interested in what they're saying um other things handwritten notes uh I'm from Oklahoma and in the South
when we love people we feed them it makes them content and they're happy my three-year-old says mama if if that person's cranky I think they need a snack and a nap and damn right baby girl anybody that's angry give them a snack and a nap and they're going to be better um if you're in sales point out you're doing something special maybe you've got leeway Grace to give somebody a 10% a 15% discount that client doesn't need to know that hey you know you're so special I really enjoyed talking to you I think we can work this in for you tell that little why lie why are those effective trust tactics oh I'm so special they're
doing something special for me um also own your own mistakes and apologize if Integrity is huge for me and in any environment I believe that if you can't establish and maintain your integrity you're not going to be successful if you make a mistake like crowd strike come out and apologize for it you all own it I'm not going to speak to the things that are going on with a threatening legal suit but I like that they publicly apologize and own their mistake um so M you know Own It Up don't try to make excuses explain your validations but let people know especially your leadership you mess up own it I messed up here's how I messed up here's how I'm going to
make sure it's not going to happen again if you lose Integrity reestablish it [Music] immediately cognitive trust or how to manipulate it thir B y'all be yourself and remember this is capability and consistency how capable you are and are you consistent and being yourself sounds lame it sounds like I've thrown a kitten poster meme at you but it really means being introspective and being open about your capabilities where are you strong where are you weak this is how teams Excel if your teams are honest about where you're strong and where you're weak you're going to come together and you're going to lean on each other to create a better product and a better deliverable um you know and it's
everybody hates the interview question what's your greatest strength what's your greatest weakness everyone hates the I'm a perfectionist be real like I've got audio issues man I'll Zone in on a project and somebody can be standing next to me talking and I will not hear you um be cognizant of your tone of voice and your inflictions I'm a natural pessimist I'm sure everyone here is full of skepticism and stuff too and it carries through in your voice if you have problems at work and you're talking to Executive leadership that pessimism might come through your concern might come through and they're going to feel your words before they hear the meaning be cognizant of how you talk and even
the the trick the mind the me the mental model that works for me is instead of being concerned about the problem stay focused on the positivity that we have a solution we may not have a remediate full remediation plan yet but we have a remediation plan um and let them feel the positivity of explaining this solution uh non-verbal again make eye contact dress for the part I absolutely hate but it is one of the easiest ways that you can influence how people think that you may be capable if state capital in any state in the United States I better go in in business formal but if I go to Silicon Valley for an executive leadership and I to show up in a
three-piece suit I'm going to get laughed out the door Goodwill is a treasure Trove for social operators go in get yourself a FedEx FedEx or UPS logo walk into a place with an empty box and a clipboard and just see how far you can go walk in like you own the place and you know exactly where that deliver is going nine times out of 10 you're going to get straight past that checkpoint um facial expressions I'm also terrible about resting [ __ ] face um so uh be cognizant y'all uh I'm not saying you got to know how to play poker and win in Vegas but you know keep that in mind um for long-term trust I mean
again y'all Integrity take action if you said you were going to do something then do it if it's something as simple as you're passing someone in the hallway or they send you a teams message and say hey I'm I'm really busy I'll follow up with you later next thing you know it's almost quit in time and you still haven't followed up with that person shoot them a quick email send them a message hey the day got away from me I'm really sorry own your mistake apologize right off the bat but I'm going to come see you first thing in the morning or hey can I get 10 minutes on your calendar I'm so sorry we're going to fix
this address it be on time I'm also perpetually late I'm telling you guys to practice what a prach not what I do so coming on time to certain things being prepared um and then reverse engineering what others needs that sounds really sexy and cool but that's really just being a good human and being good to yourself stop and think about what someone else needs your projects aren't getting funded how are you presenting them you got another department their [ __ ] is getting funded go talk to them how are you presenting your stuff go talk to the chief of staff talk to the CFO what did you like about theirs but you didn't like about mine any new IT
director CIO best advice I can give you make friends with the CFO they're going to fund your stuff granted they don't want cyber security fallouts as much as you do same thing if you got a separate procurement officer um also um your HR make friends with HR um we're going to make rules for security but HR is going to enforce them um so when you think about reverse engineering what others need whether it's in an Enterprise environment a workplace or social operations or sales think about what those people need and how can you change your delivery to focus on how your solution fits their needs furthers the the business mission statement whatever that section is lowers a budget saves
money um gets the information that you need makes them feel a certain way there's a lot of um fishing engineering tactics going on where malicious actors are establishing care with people they're going through long series of text messages and different on messaging platforms establishing friendships with people and eventually getting them to send them money reverse engineer what people need take that how many different layers can you take that to places to be more successful in your endeavors so one of the last thoughts that I want to leave you guys with is maso's hierarchy of needs so we think why bother with trust it fulfills a need whether it's your staff your engineers your targets your victims they have
needs that they need to have fulfilled so it's a human condition to want to connect with others using these tactics are going to take practice some of them you might be really good at you're naturally good at other ones you might have to work on but if you use some of these tactics to make sure your boss knows and Trust in your capabilities could you get a raise or a promotion within the next year if you start a security awareness campaign at work does it become more successful because the end users don't just trust that you're capable of safeguarding their systems they trust that you care about them can you throw in little tidbits to your
security training that it's not just about Safety and Security at work but it's their iPhone it's their home computer I care about you not just you at the business will they actually start reporting suspicious activities I mean granted we all don't want a 100 emails saying we got this fishing campaign please stop telling us we know we got hit but they'll start telling you things maybe it's maybe it's we got this business process and we've been sending this [ __ ] an email wait what and you know you have encrypted email right so how can we get in depth embedded into business process and secure everything um it's also it could change the Dynamics of your team if everyone felt
trusted or psychologically safe enough to bring up ideas what would happen um I made um my team everyone had to have a side project and I didn't care if they made progress on it but it was part of their performance evaluation you had to have a project and make some type of effort towards it I get it if you're busy whatever but make some type of progress towards it and I had database developers come in my office one day and they were so excited Carrie we just found a place where we can automate a thing that takes us 15 minutes a week okay show it to me and they didn't think it was that big of a deal and
they're like yeah we're going to automate this yada y y and I'm like do You' all know what you've done and they're like yeah and I'm like no you just saved yourself 15 minutes it's a week multiply that over a year I was able to take that information to the CFO and get those database developers AR raise is you do the math on their salary and they saved 15 minutes a week take that information take it back into the business show your staff that you care and you appreciate their efforts and what will they do to make your business better so one quote um I'd like to challenge you guys anybody can go hack aist but can you hack a person besides
black hat Vegas I challenge all of you guys hack a person while you're here not just a system um if anyone wants to connect uh here's my information as well as my company information uh I'd love to hear from you guys or if you guys would like a copy of the slide if you want to know more from me I've got some business cards up here and I've got some stickers um do I have any questions from the crowd anybody want to share something they learned or uh a new evil Insight that's yeah I'm going to go hack a person doing this keep your secrets don't don't share them with anyone keep your tactics to
yourself don't be like me don't share your tactics all right thank you guys you've been [Applause]
lovely oh awesome oh that's great thank you
thank you okay cool um I'm gonna I'm G to go out with my ment for a while and I'll let you know
[Music] la [Music] a [Music] oh [Music]
[Music]
[Music] [Music]
[Music] [Applause] [Music]
[Music] a [Music]
[Music]
[Music] a [Music] [Music]
[Music] he [Music] [Applause] [Music]
[Music]
[Music]
[Music] oh [Music] [Applause] [Music] hey hey hey hey [Music] [Applause] [Music] a [Music]
[Music]
he
[Music]
[Music]
[Music]
[Music] track [Music] back [Music] he hey hey hey [Applause] [Music]
hey hey he he hey [Music]
[Music]
[Music]
[Music] he [Music] [Applause] [Music]
[Music] [Applause] [Music]
[Music] [Music] [Music]
[Music] [Applause] [Music] he [Music] h
he
[Music]
oh h [Music] a [Music] [Applause] [Music] [Applause] [Music] [Applause] [Music] I'm just try to get something okay I do I'm just TR to give you [Music] something I'm just TR to something I do I'm just TR to something [Music] m [Music] w [Music] [Music]
[Music] [Music] I'm just try to give I I'm just try to give you [Music] something I'm just try to give something I I'm just trying to give you something [Music] oh [Music] w
[Music]
[Music] [Music]
t [Music]
[Music]
[Music] [Applause]
oh [Music]
[Music] [Music]
[Applause]
why
[Music]
[Music] n [Music] oh [Music] oh [Music]
[Music]
[Music] he [Music] [Music]
[Music] [Applause] [Music]
[Music]
[Music]
[Music]
[Music] [Music] [Music] [Applause] [Music]
[Music]
[Music]
[Music]
[Music] [Applause] [Music] hey [Applause] [Music] [Applause] [Music] he [Music]
up [Music] you [Music]
[Music] track [Music] hey hey [Applause] [Music]
hey hey hey hey hey hey [Music]
[Music]
[Music]
w a [Music] [Applause] [Music]
[Music] [Applause] [Music]
[Music] [Music]
oh [Music]
[Music] [Applause] [Music] he [Music]
[Music]
he
[Music]
[Music] h [Music]
now
[Music] [Applause] [Music] [Applause] [Music] [Applause] [Music] I'm just TR to I I'm just TR to [Music] something I'm just something I do I'm just TR to give you something [Music] h [Music] w
[Music]
[Music] [Music] I'm just I'm just try to give you [Music] something I'm just trying to give you something [Music] I I'm just trying to give you something he [Music] m [Music]
[Music] a
[Music]
[Music] he [Music]
[Music]
d
[Music]
[Music] [Applause]
[Music]
[Music] oh
[Applause]
[Music]
[Music]
[Music]
[Music]
the [Music]
[Music]
n [Music] [Music]
[Music] n [Music] [Applause] [Music]
[Music]
[Music]
[Music]
[Music] a [Music]
[Music] [Applause] [Music] oh [Music]
[Music]
[Music] he
[Applause] [Music] hey hey hey he he [Music] [Applause] [Music] [Applause] [Music]
he [Music] he
[Music]
[Music]
[Music] [Music] TR [Music] hey hey hey [Applause] [Music]
he hey hey hey hey hey [Applause] [Music]
[Music]
[Music] [Applause] [Music]
[Music] [Applause] [Music]
[Music] [Applause] [Music]
[Music] [Music] [Music]
[Music]
[Music]
n [Applause] [Music]
[Music]
[Music]
he
[Music] h
[Music]
[Music] w no [Music] [Applause] [Music] [Applause] [Music] [Applause] [Music] I'm just [Music] TR I'm just try to give you something [Music] I'm just trying to give you something spooky I do you I'm just trying to give you something [Music] w [Music] [Applause] [Music] [Music]
[Music] [Music] I'm just TR to I do I'm just tring to give [Music] I'm just tring [Music] something I'm just trying to give you something [Music] w
[Music]
[Music]
oh [Music] [Music]
[Music] a
[Music]
[Music] [Applause]
[Music]
[Music] [Music]
[Applause]
oh
[Music]
[Music]
[Music] oh [Music] oh [Music] a [Music]
[Music] [Music]
[Music] [Applause] [Music]
[Music] oh [Music]
[Music]
[Music] [Music] [Music] a [Music] [Applause] [Music]
[Music]
[Music]
[Music] oh [Music]
[Applause] [Music] hey hey [Music] [Applause] [Music] [Applause] [Music]
[Music] he [Music] he
[Music]
[Music]
[Music] track [Music] back
[Music] hey hey hey [Applause] [Music]
hey hey hey hey hey hey [Applause] [Music]
[Music]
[Music] [Applause] [Music]
[Music] [Applause] [Music]
[Music] [Applause] [Music] he [Music] [Music] [Music]
[Music] [Applause] [Music]
[Music] w [Music]
oh oh
[Music] h
[Music]
aah [Music] [Applause] [Music] [Applause] [Music] h
[Music] I'm just to give [Music] something I'm just to give [Music] something I'm just TR to something do I'm just TR to give you something [Music] n [Music] w
[Music]
[Music] [Music] I'm just I'm just dring in [Music] something I'm just dring in [Music] something I'm just trying to give you something [Music] m [Music] w
[Music]
[Music] [Music]
[Music] is
[Music]
[Music] all [Applause]
oh [Music]
[Music]
[Applause]
[Music]
[Music]
[Music]
oh [Music]
la [Music]
[Music] [Music] [Music]
[Music]
[Music]
n
[Music] [Music] [Music] [Applause] [Music]
[Music] a [Music]
[Music]
[Applause] [Music] he [Applause] he [Music] [Applause] [Music]
[Music] life easier they have a number of different pcrs and so you can pick which PCR you write to to mean that you don't have to look at all of the data all the time here's a visual to explain this a little bit better when you first turn on the system there's going to be a little snippet of code that's going to measure the UI executable image it's going to Hash that and write that into PCR z uh then the U is going to run it's going to measure the bootloader hash that again and write that into PCR the bo is going to run hash the OS write that into another PCR Etc um now once you're in
the OS you can read back those PCR values to figure out if your boot process is good or not in the event that we have an evil bootloader that's been compered with tampered with or compromised um we'll see how that works here so the root of trust is going to start again and it's going to measure the UI uh and the UI is going to measure the bootloader then it's going to start running the bootloader which is not great because we know that this has been compromised however that measurement in pcr1 is already invalid and since you you can't delete values from pcrs you can only extend them there's no way for the evil bootloader to overwrite PCR 1 anymore
and make it look valid and this is the the basis for the the setup that we're going to be looking at today which is automatic dis encryption so with standard dis encryption you have to type your password every time the computer boots and this is not great um it presents usability concerns because some devices don't have people to type passwords into and it's just very annoying every time you open the lid do that so the system with a TPM is that the TPM has the dis key stored and it will look at pcrs and determine whether or not to release the dis key based on the value of those pcrs so if everything looks normal it'll give
you the key but if there's an evil boot loader it'll notice that it's different and then refuse to give the key so the boot process won't continue um there are a number of predefined PCR values and I've selected a few of the most important ones here um you often see these referenced in tutorials um and most significantly is that last one PCR 9 is a measurement of the kernel files like the image and the init Rd so that was a lot of information I'm going to go recap that again just to make sure that everything makes sense here here's our whole system now we've got the TPM added as well as all the stuff up top we're going to first power
on we're going to measure the UI into the TPM then the U is going to run it's going to measure the bootloader bootloader is going to run measure the kernel kernel is going to run measure in Rd and now the TPM has all of these measurements the init Rd is then going to request the dis key and since all of those measurements look good the TPM will release it and then the init Rd can decrypt the root partition and we can continue booting normally so in theory this is a great system um your computer will boot up just fine um and then assuming your login screen is secure uh there's nothing that an attacker can do with a
turned on computer and if they try and turn it off and tamper with a disc it's all encrypted so there's nothing they can do uh but there's a problem if you go look online for tutorials on how to do TPM automatic encryption you'll see command lines like this they'll say hey use this utility system decrypt enroll or use cevis and they'll specify what pcrs you should use and and they'll usually say something like oh yeah the default is is PCR 7 which is secure boot that should be fine or maybe you'll throw in zero because you want to check your firmware um this is missing PCR 9 which means means that the kernel image and init Rd are not measured um that's a
pretty big problem so you know we're attackers what are we thinking in it Rd is not measured it's not encrypted it has the logic to obtain the dis key from the TPM and it has a well-known structure so what if we just modify that what if we make it print out the key it turns out it's actually very easy to do this so This demo attack that I'm going to show off here um is targeting cevis um if you're using a different disc encryption system you'll have something similar but it might be slightly different so the first thing you need to do then would be obtain the hard drive um this is not an attack you can do
remotely uh because you can't really grab a hard drive remotely but once you have that hard drive um go look in the EFI partition and you can find the init Rd um I've highlighted it in blue here uh you're going to take that and extract the files um there's a tool unmake init ramfs that's useful um you can also do it manually because these are a cpio archive um inside of the extracted files um there's going to be a few scripts uh the important one that we clear about here is called clevis um in the the path shown below so the the main target of the attack is this function here uh there's a lot going on but we really only care
about the blue line again um the rest of it is mostly just reformatting and and modifying the data that it's getting uh but that blue line is where it actually sets the value of this decrypted variable which is the Raw dis key that it's just obtained from the TPM so all you need to do is just add a few Echo statements and then as sleep so that it'll pause um and when this runs it'll now spit out the dis key onto your screen again it's a standard format so repackaging is quite easy and once you've done that uh you boot the computer when you do this you'll hopefully see an image like this uh where I've got a bunch of stars and
then I've got the disc key printed out at the bottom there 3j % J whatnot um it's important to add a sleep statement because otherwise it will scroll by so quickly that you can't read it um but that's it that is the actual dis key for my server at home right now so this is a sort of a weirdly simple attack uh you're taking a little glorified zip file adding a few print statements and then putting it back together it may as well be a debugging Command right uh and it has thankfully a similarly simple way to stop uh all you need to do is make sure that you actually measure PCR 9 so in that
earlier command um just add PCR 9 um if you're using Crypt enroll it's the same thing and this completely stops this attack and I wish that more people would say this and that's why I'm here right now is because online there are so many tutorials that don't talk about how important it is to select the specific pcrs that you're actually using to go into a little bit more detail on this um pcrs each one has a specific purpose and you need to decide what do I what am I worried about an attacker actually changing versus what am I less concerned about because if we look at something like the firmware it might be very hard to actually write
malware that compromises the firmware enough to then you you know obtain the dis decryption Key by like tampering with the next stage of execution in memory or something um that's that's a lot of work and so for the average person that's just not really a concern um but I I I think that you know the init MFS one is so simple that it should be a concern for the average user who is using dis encryption um also remember that based on how this works the TPM isn't actually determining if something is malicious all that it knows is that it's changed so if you measure in MFS and then you run an update that requires you to rebuild that you will
need to type in your password until you can re-update the TPM PCR values um so the the more pcrs that you pick the more secure you will be but also the less usable it will be and that's why I think there's there's a trade-off to be made there um a final note there is people often talk about secure boot using pcr7 in general I'm of the opinion that this is pretty much not relevant uh there are a number of issues with secure boot uh and you might have seen recently that uh a whole bunch of laptops have shipped with secure boot Keys labeled uh test only do not use or something along those lines of which have known secret Keys um
so unless you actually know how secure boot Works uh and you are doing your own Keys locally on your system it's it's probably not worth configuring if you want full details on each pcr's function um you can find them at the Linux TPM PCR registry um I have a link to that below you can also just Google it a couple closing notes here um so first off is that even when you do have a manual password system that's not automatic um in it Rd is still required to to do that decryption logic so I am pretty confident that a similar attack is possible um it's a little bit more in-depth because now what you're going
to need to do is sort of make an implant in in at Rd that will save the password and then cause a process to call out later to some Beacon server but if you're interested that might be a fun attack to set up um that's why I think that even if you are using a manual password it's probably still a good idea to try and make that work where you have both the password and the TPM um that'll just increase the security of your system even further um secondly this is not sufficient to fully protect you against a physical attacker um if you have a TPM chip on your motherboard uh there's a technique known as bus
sniffing where you just plug some wires in and you can measure the data over the wires um I've also done this it is shockingly easy uh but it requires moderately Advanced Hardware or decent knowledge so if you're actually concerned about a physical attacker doing an evil M attack on your computer be careful there are there are lots of ways they can get you um again I mentioned that earlier that uh updates may require you to enter your password at least once um this is just a general usability thing with TPMS uh there are ways around this like temporarily disabling uh your disc encryption during one single Boot and then deleting the key later but a lot of these have their
own issues so that's an area that you should look at if you're actually interested um and finally ask yourself do I need dis encryption uh I'm not convinced that most people do because the the main threat model that a lot of people have is someone steals your laptop and then flips it for some quick money uh they're not going to go through the files they're just going to try and get it out of the state as fast as possible so they can sell it to a fence um take the time to actually understand your own personal threat model because that is where a lot of these decisions should stem from so in conclusion use PCR 9 thank
[Applause] you looks like we have a few minutes for questions uh does anybody have any questions uh see here over there in the back so after use this method to seal your
yeah so the question was um after you seal uh a a key to the TPM you get a data blob where is the data blob stored um and so there's actually two different approaches you can take the TPM has a very small amount of nonvolatile storage and you can write directly to the TPM um or you can take the sealed blob and write that as a part of your init ramfs um either way it's pretty much not possible to to tamper with it effectively because the sealed blob is is encrypted by a key that never leaves the TPM
yes uh so the the easiest way to to to know is is during configuration um I believe there may be a way to check the policy that an object was sealed with but it's very awkward to do so because the actual TPM apis are are kind of awkward um luckily updating a system encryption is is quite simple you can just run the command again because you don't need to re-encrypt the whole Drive you'll just sort of re-encrypt the actual key there's sort of a two-layer process there so I don't know if there is a super easy way other than checking what commands are run when you configured the machines yes go
ahead uh I am I think it's either PCR 9 or PCR 8 um you'd have to check that one yes it is an option I'm sure sorry uh the question was is the kernel command line measured
yeah so the numbers are all standardized up to to S and then eight and N are true for grub as well as most other bootloaders but not necessarily all of them uh if you are not using grub you should probably check your documentation the question was are the PCR values all standardized any more questions one more in the back does Windows uh so Windows bit Locker does a similar thing but I'm not actually aware of how it uses PCR because you can't configure them uh so it's probably not vulnerable if they did their job right there is actually another thing related there I'm sort of annoyed about with that but whatever in the back the question was why not just use a
hardware based encryption standard um so there's there's a couple things there one do you trust that the SSD manufacturer who's done opal actually did it properly uh there have been documented instances where uh this didn't happen um and second I'm not actually sure if these necessarily are mutually exclusive uh I think at least sometimes the the configuration for opal is coming from the system and how it's doing dis encryption um so I'd need to do more research on exactly how opal works but there are definitely some reasons to not just trust opal by itself cool I think that's everything thank you very much [Applause]
[Music]
he
[Music] h oh [Music] oh [Music] [Applause] [Music] [Applause] [Music] [Applause] [Music] I'm just trying to get something this I do BR I'm just try to give you [Music] something I'm just tring to give you something I do you I'm just tring to give you something [Music] w oh
[Music]
[Music] [Music] I'm just TR to something I I'm just TR to [Music] something I'm [Music] just I'm just trying to give you something [Music] w [Music] w
[Music]
[Music] [Music]
he [Music]
[Music]
[Music] [Applause]
oh [Music]
[Music] [Music]
[Applause] this is Michelle edar and and she is here to speak on the immortal retro futurism of mainframe computers and how to keep them safe yes thank you thank you welcome everybody this is uh my first talk presenting for cyber security so it's a very special moment thank you for being here with me today who am I I'm Michelle edar as mentioned before I'm a security consultant at netspy um meaning I'm a pentester so that's what I do by trade um I've been there a couple of years I focus on main frame pen testing I do web applications as well Network penetra penetration testing so um I have a background in accounting finance and project management and uh passionate
about Legacy tech security I also have you know a little hard out for industrial control systems but mostly it's a Mainframe type of world for me so and I I got to give a shout out to my homie Phil young here who actually pulled me into Mainframe um it was a great very long conversation we had that consisted of of two sentences wherein he said you know I'm thinking of getting you into main frame and I go that sounds cool and about a year later here we are so it was it was great it was great great introduction there um today we're going to do a quick history debrief about what Mainframe Tech even is some
notable changes that have occurred over the years with the technology we're going to wait for him to pour the ice and the water in the back thank you sir it is 100 plus degrees so we are thirsty and then we're going to look at some Mainframe today as far as why people elect to use it what are the strengths of it um we'll look at some Modern threats to the Mainframe ecosystem looking at some of the Integrations that can introduce threats and also some things that we see in our pent tests uh when the main frames themselves some sort of inherent insecurities that we might find uh and then some tips to secure I a bit biased of course I'm a
pentester so I'm definitely coming from the red team side the offensive security side but we're all working together here so the goal is to make things more secure whether you're defending or attacking all right so first I'd like to see who does not currently work with Mainframe uh great great anybody with a hand up want to keep it up and say what you think Mainframe isine Mame yes can you define it this is I'm asking you
guys I can make that AR we will have an argument a you trust to not die right yes that's that's pretty close that's pretty good definition so they are computers they essentially are you know high performance computer systems they're specialized they have very fast input output they do billions of transactions on on a daily basis um they have you know unique operating systems like zos or Linux on IBM z um they're computers so they're just special fancy computers that we really like they're very strong we'll learn more about them in a minute uh we're going to look at some myths Now versus facts okay so one myth is that Mainframe is outdated right this is a
picture I love old pictures you'll see that um you know this is like 1960s era it's basically one computer in a huge room and that's it or maybe you're thinking about an 80s movie and there's the terminal with the green type face um all accurate as to that time frame uh but they have continuously evolved they're among the earliest systems to adopt things like virtualization built and Ron there's AI stuff coming down the pike as with most Technologies we're seeing today so they're not locked in the past they are current and being used right now another myth is that cloud replaces Mainframe um unfortunately that's just not the case we have things like Regulatory Compliance and varries
to entry that make that impossible so if you're looking at the military they can't put their databases in the cloud right disallowed if you're thinking about you know your Healthcare records your you know maybe uh Banks we do a lot of Bank testing so all of that can't be in the cloud either right it has to be a little more locked down um and then hybridization I want to say make a note of this as far as the cloud environment we're more likely going to see hybridization as opposed to a full out replacement so think this elt that's a it's ex I can't remember the first word but it's you're you export load and then
translate yes that's what it was so you take what's on the main frame right you're export that data and then you load it to the cloud and then once it's in that final platform then it gets translated right so as opposed to trying to translate as you go or try to translate within the Mainframe environment something from cobal right you can take different steps to get there so now once your data is in the cloud then you can do your analytics on it then you can apply it to you know different different AI Frameworks and things to get what you need out of that data that has been stored in the main frame okay and last myth I want to touch
on is it's just too specialized who even does it right how many people are are best friends with you know Mainframe people not many um yes I can be your friend now too um well it is specialized I'm not going to lie to you but there are initiatives under place to make Mainframe more accessible so I was just at a conference in March uh it's called share and they do a couple of them a year it's like the biggest Mainframe conferences that occur in the United States every year um and I met a lot of people that were you know early career professionals or um people who are in college actually learning cobal learning these very Mainframe specific uh
languages and things about the stack itself so that they can specifically work in this industry so there are initiatives in the industry to build that Workforce that did take a hit there was a dip I would say from the mid 90s to like the 2010s where there weren't a lot of people coming into the workforce it's being addressed uh so that's cool and then we're seeing things you know of course Watson X AI code assist to translate Cobalt to Java it's a lot easier to find a Java developer then to somebody who works in Cobalt even though that is being addressed um we're coming at from different angles to sort of rebuild this Workforce and get more
traction in the industry so practitioners we're coming back up okay brief history as I mentioned before and the old pictures I love these okay so this is the US Navy uh Bureau of ships 1937 you've got analog computers mechanical calculators tabulating machines these were not digital devices right this is like prototype type of things this is sort of like the very very old school beginning uh used for Gunnery calculations navigation engineering tasks military right this was not available to businesses or anybody else this was just for the military uh for you know wartime efforts in 1951 we see with the E Mockley computer Corporation now we're getting through commercialization okay now we're seeing it used for the US Census they
created the univac here um to process the census data and you know businesses could start getting in on this it wasn't just Rel delegated specifically only to military applications at this time um and then of course we had Magnetic Tape come into place which replaced Punch Cards um because who wants to use Punch Cards you know maybe just for fun but not for work 1965 uh oh this is great the ibmc system 360 they released unified architecture so previously you would have different main frames right these different boxes and they had different languages they couldn't talk to each other you had to have someone special ized in each you know maybe operating system on each one
so unified architecture changed that it made it so that each of the systems could talk to each other so you could train in one thing and work with all the systems really cool and then of course we get the solid state replacing the vacuum tubes vacuum tubes are no good in an earthquake obviously so that was a great jump uh 1970 Innovation continued magnetic fate core is replaced by silicon Dr memory chips virtual memory was introduced dynamic translation also became a thing so main frame at the Forefront a lot of these things that we're still seeing in use today really awesome stuff 1991 oh we had some bad news okay there was a death announcement right this notable
guy steuart alsop he was a talking head uh of tech Innovations and things that were occurring in you know in culture right he was saying quote I predict the last Mainframe will be unplugged on March 15th 1996 it just didn't happen I think he later retracted a statement you know um but I think it's interesting that happened and so when I mentioned previously that there was sort of a Workforce slowdown and a a a Slowdown in um you know budgeting for building that um this is this is part of the reason why okay but as we can see that it is still in use by Finance by Healthcare Industries government um and Aviation as well uh and of course there new
developments so there are some it's already in place but there's some machines coming out next year that are going to be even stronger in this area there's some changes coming with the telum processor as well um we're going to have some realtime AI inferencing for fraud detection so instead of having your card you know someone runs it like someone in my family actually there was like an $800 Legoland charge like where we're not in Legoland what happened uh so instead of even getting a call 20 minutes later um as that transaction hits the main frame and it's processed you have real-time fraud detection at that moment so that it could you know feasibly stop it from proceeding to the
point where now the credit card company has to eat that cost right because that's what they do now with fraud so something to consider Forward Thinking okay so why why do we use Mainframe okay we've we understand a little bit about the history how it came to be what it is um these are three things you're going to hear about it when you're talking to somebody who knows Mainframe who cares about Mainframe reliability availability and serviceability right nice acronyms we love our acronyms R um so reliability it's got built-in redundancy across the various Hardware levels your input output paths your power supply your memory processors has error detection and correction right and it can handle
up to seven magnitude earthquakes um so if you're looking at something like the NASDAQ right New York Stock Exchange they cannot have more than 5 and a half minutes of downtime in a given year in a year that is it that is the max so it's like 99.999% uptime is required for these industries so Mainframe can do that that's why they use it one of the reasons why they use it availability right you want to make sure you can get your data got transaction roll back checkpoint restart complex job scheduling um and this is just an example about the z15 190 configurable cores on one system so you're making your own finely tuned bespoke system
within your main frame just basically out of the box very very cool stuff and serviceability I love this they're modular by Design so if part of your system needs repair or updating or you have to take a piece of it out you know we have things like parallel sysplex and basically you can just take this piece that needs to be fixed or changed and all those workflows all those processes are going to move over to your other parts of your main frame and there's no stop there's no pause you don't have to shut your entire system down just that one part that you're fixing at the time so there's no again there's no there's like almost no
downtime it's pretty great um in-depth logging so you can solve your problems more easily on-site accessible for repair and maintenance so if you think about a distributed Cloud environment um quick story again from my life I was I live near Google plant and I was you know just a big Warehouse with a bunch of servers driving home night I could see at the plant all these police cars and a couple fire engines maybe an ambulance or two in front of the building lights like what is going on and then the road that led up to it was all blocked off same thing I didn't know what was going on I may never find out right was there fire was there like a
physical breach if your data was there would you know would your organization be told like oh well we have different regions and what if there was like a coordinated attack on all the different regions something to think about but if it's on site at your facility right hopefully you would think that your own security would you know you would be able to understand more quickly what is that's going on versus waiting for some kind of report from whoever is holding your data at that time okay so um your access is more tightly controlled huge benefit of Mainframe right oh this is great okay so we talked about the earthquakes right uh let's hope this plays but so about I
want to say eight months ago there was an earthquake in New Jersey uh it hit a campus that had 200 Main frames on it about I think it was 4.5 magnitude not a single main frame was damaged there was no downtime there was no loss of productivity whatsoever they do this on a regular basis they shake the dick ins out of these machines you don't want to do this to like a normal sery rack I don't think but a main frame you can and they'll be fine yeah we're almost done here I mean you just imagine oh my gosh that'd be so scary test complete love that all right the next one okay so I skipped
ahead a little bit but you get the gist of where we're going here we understand why we use Mainframe right we understand it's strong it's reliable it's fast billions of transactions input output unmatched um but what are some of the threats right what are some concerns we have in the Mainframe landscape so this is going to talk about the expanded attack surface with Integrations that occur as part of the entire topology that Mainframe is a part of right so this TJX company's data breach was a payment card data breach I hope that's not too small of a font for you guys but this exposed 45.7 million credit debit card numbers and this was a weakness in
the wireless network right so we're going to see a trend here this one was a wireless network weakness this next one is the Heartland Payment Systems breach 100 million cards exposed so this is more than double the previous one this was at the hands of a global cyber fraud operation and is a combined attack of network and application vulnerabilities all right this next one Equifax data breach those 2017 now we're up 147 million users compromised and this time it was a web application that provided the initial access so in each of these instances we see that it wasn't initially the main frame that was breached on its own was other parts of the entire topology that
were used to Pivot into the Mainframe to then exfiltrate the most critical most private data okay and then this one um this one was in Sweden this was a big one really big one uh this dramatically changed how the entire government dealt with their data um the whole investigation is actually public so if you do a bit of research you can get the documents offline um I'm pretty sure it's in Swedish uh you might I think there's some in English but it's not as it doesn't have as much in it as maybe the Swedish documents but you guys can figure out how to translate it if you really want to get into it and find it
it's there um initial access through the FTP network connection of 23 we don't like that that was present that was part of it um the hackers use Hercules which is an emulator to run zos and they downloaded files and tax processing Source they got all the source code for the tax processing software from the logic servers from the government servers really bad news um I use an emulator for my testing actually I use x327 so it's not like impossible to get these and use them oh 10 minutes oh my gosh I okay they use zero day vulnerabilities but part of those were uh default configurations right don't use default configurations please uh let's see we'll
go down a little bit and you guys can read that they use John the Ripper open source stuff like it's not incredibly complex people just chain things together and then they make an attack so just be safe and be aware okay um I'm going to show you a demo now right I'm tell you what the demo is real quick and I'll show you it um so what I'm going to do in the demo is I'm going to authenticate to a logical partition an lar which is a like piece of your Mainframe remember I told you about the configurable cores and creating your own bespoke environment right so you have your alar you see me authenticate to it
assume that the end points that I navigate to have already been enumerated previously in the same pentest okay and then the access for the user that I am authenticating with is restricted right it's a lower level user so it only can get to specific resources um and we're going to think okay well is there another way to access let's take a look okay so this is our Nets by elpar right logging in through TSO this is me and drop in my password here okay ispf now what I'm doing is I'm getting to place where I can use a sort of Unix based um command line utility within the main frame okay so that's what I'm doing here you can put commands
in here but now once I'm here it so you know this is a little more familiar for people who use something like Linux right so I can use commands like CD this is an endpoint that has previously been enumerated right oh I found this op Secrets what's what's in there okay I'm going to list it out with my LS command got a readme.txt and an SSH key okay let's cat the readme this is the SSH private key you need to Lo as an admin do not share darn okay well what if I just try to cat the SSH anyways can I do it that permission denied okay game over or is it no it isn't I can go to
the same IP over the web interface just using Port 880 right oh no have I authenticated no I have not so this is another endpoint right was previously enumerated we know it exists this here when I use that feature it retrieves data from the main frame right that's happening on the back end I don't even need to use an intercepting tool I'm just using the network tab in the browser okay so now I'm going to generate the request by issuing this all right here's my post request I'm going to crack that open and see what's in it you know we're going to see some headers and then we'll see what's in the message body at the
bottom here okay sorry it's so small but this is this is part of the request that is retrieving the files okay so what if I change that to the existing endpoint that I'm already aware of with the secret file is it going to work I 200 okay sounds promising okay so there's the end point I went to uh what's in the response do you think I got anything I I did I got the yeah yeah well this is thank you yes um yeah so this is completely unauthenticated right I could not access this file as an authenticated real user on the main frame itself within the system because I was not an admin level user so I just went to the
web app completely unauthenticated and modified the request and now I have whatever I want I could probably u pull a whole lot more out of there this is just a proof of concept um but this is based on a real finding from a real company it's not exactly like this because no one wants to get in trouble but this really happened so it's important to secure okay um so that in mind is the main frame itself secure outside of these sort of external peripherals that are making it uh you know insecure and dangerous well yes so these are some things that we do see in our pentest broken Access Control local file includ of data sets Unix files insecure FTP we
see this a lot unauthenticated access you know there have been instances where I would log in but actually not log in like I would start the authentication process back out and I could still run CICS or kicks commands or maybe run Kims and run these you know sort of they should be authenticated process is I should be at least authorized to run them and I'm not even authenticated so we do see this stuff SQL injections and db2 databases job control language injections Rec scripts injection security misconfigurations default credentials like we saw in the logic attack we password policies we get mixed you know case in uh insensitive passwords all the time uh or people not
using something like an external security manager I think most big shops are using something like this um but just in case please use it if you're around Mainframe okay Implement these things as possible so how do we secure right we see that maybe there's some in Securities in the main frm itself and maybe with some of the uh Integrations that we find okay so here are some ways to secure as The Blue Team side I promised you earlier today um secure with network controls please keep in mind your entire topology don't look at Mainframe as its own sort of off in the corner Tech by itself because it's not it has API calls it has maybe you're you
have your Cloud Integrations maybe you're trying to roll out some AI inferencing who knows what you're doing but you got to keep the whole topology in mind um make appropriate use of your logical partitions regions your esm tools disallow unencrypted protocols disallow unencrypted protocols please and keep up with your pouches and updates good advice for anybody doing anything with a computer ever um secure with compliance CSI Benchmark CS CIS benchmarking and that's actually I love this one the DSA sticks right this is Department of Defense I've used this on an actual test so I had a db2 test and they had actual commands that I could go to and just pull run this command and
see if you can you know get this file run this command and see you can elevate your privileges it's very very very helpful um and then secure with your ongoing reviews monitor your traffic with stock logs are robust take advantage audit your identity and access management on a regular basis Implement MFA Implement MFA right yes please thank you thank you so much um and establish recurring audits for all of your features and conduct frequent pen testing I love a good internal pent testing team right it's a different mindset of course because they're closer to the STA back you know maybe they come into play when they're rolling out a new feature or something and they need to
poke at it before it becomes live for whatever reason um but as far as getting a fresh set of eyes you know that's what we do that's what I love like I'm not going to get your source code typically on an engagement I'm just going to go in there and see what I can safely break and then tell you how to fix it so that I can be much more secure in the long run for everybody involved okay so as a quick review what did we discuss today what did we cover all right here's a summary Mainframe is not going away anytime soon right steuart alsop was wrong it didn't die in '96 All right we
rely on it globally to support Finance Healthcare government and other critical Industries there are more possible vulnerabilities now and more all the time with the increasing uh Integrations in the environment but with diligence we can combat these threats together right so thank you again please stay connected again I'm Michelle Edgars security consultant at nitpy you can get me here
yay thank you thank you I was talking really fast to fit it all in he said at three yeah if there's any questions I have evidently three minutes did a yes Phil oh no how have you been enjoying your main frame Journey how have I been enjoying my Mainframe Journey um I love it I love sort of semi- Niche things I love Legacy Tech I love complicated complex environments and Mainframe is probably the least easy thing I've done in pen testing so I love it for that reason it's very difficult so yes yes
uhuh so I would say from from my side with what I do what I see is if there is um anywhere from like a high to critical finding they addressed almost immediately like we have to give a status reports basically same day so if it's very dangerous we tell them almost immediately and they do fix it pretty rapidly I'd say they're pretty responsive to medium findings as well but the lower end maybe there's a bit more lag I would say as far as you know most organizations not even just people we work with but in general um you typically put out the fires first
so does it affect the back end directly uh yeah so they just have to tighten down their access control
[Music]
issue I can hardly hear him and see his face yeah so I don't know I don't know if your question was answered by Phil or [Laughter] not
yes yeah yeah I IBM has this oh sorry you can finish
I I think it's worth it to invest in what you feel most passionate about truly um don't just chase you know what's hot or what what has money right make sure you have a bit of passion in it um but as far as resources for early career professionals uh IBM n to Z is a really great resource they have um training modules and connections with mentors and things like that so and I don't work for them at all I don't have hardly but yeah new to Z it's great great opportunity so okay I'm done they're kicking me out love
you h
n
[Music]
[Music]
[Music]
love
[Music] is here to talk about a quick story of security pitfalls with executive commands and software Integrations thank you thank you all right how are people feeling great great yeah so before we start let me ask you two things who here has a 10 talks on API security raise your hand yeah quite a few of you who here has aend talks on uh supply chain attacks vulnerable dependencies on yeah a little bit more of you right that's bomb yeah uh there is a a the type of vulnerability that I'm going to talk today which is exact commands or commanding injections that I think is very important so with that said welcome to a quick story of
security pitfalls with exact commands in software Integrations um a little bit about myself my name is Le alpi I'm from Mexico I'm currently uh working as a security engineer for Google I'm also an open source contributor I have worked in small companies big companies everything in between and I really love cyber security so quick agenda for today uh we're going to talk about software Integrations some of the common Associated vulnerabilities on each one of those categories we're going to discuss a couple of case studies then we're going to talk about one of my cbes that I reported last year and finally we're going to discuss a couple of lwh hanging fruits on how to exploit these
and also how to mitigate and reduce risk but before we start let me tell you the usual uh disclaimer so the opinion expressed uh in this presentation are my own they don't not necessarily reflect the opinions of the organizer or my employees or future employees and all this is um uh with uh learning and educational purposes and to enhance cyber security awareness with that said uh probably we are here agree whether if you are just starting to write your F lineer code on your experience developer that code that doesn't touch anything else like any internal platform system is not very useful right in order for code to be useful it needs to have some type of
integration uh to any other platforms these Integrations are usually in the form of libraries and codependencies mean you are importing others people code into your programs but you can also do through calling external Services meaning you are executing other people's apis through a channel it can be the network uh and also you can do what is called like EXA system calls with meaning you are executing U programs in your same uh process Nam space so each one of these uh categories of Integrations has some Associated pitfalls and vulnerabilities for example when we talk about libraries and dependencies uh we may think about vulnerable dependencies right we may think about uh dependency confusion attacks uh Famous Supply Chain attack
attacks type of squatting uh misconfigurations here is your solar Wing attacks right like very famous supply chain attack lck forj here you have your national state actors trying to take over GitHub repositories hoping to inject malware in those dependencies and so on right on the other hand when you integrate software by calling apis or calling external Services more probably your thread model change towards data validation and sanitization you take care about the integrity and the authenticity of the package being sent uh you are uh you care about data security in transit and all the encryption and data privacy one of the most common issues for this type of integration is for example a misconfigure est3 bucket in which
somebody push a lot of information and is publicly available and anybody can can exploit it right another thing is that if you expose systems to the internet somebody can Gra like web scrapers uh like in these scenarios and they can like extract all the data and most Pro most famous that is uh similar to the Capital One data bridge that happened right the tier type of vulnerability will be associated with common injection most probably we here we are talking about previlege escalation vulnerabilities in file systems and IPC vulnerabilities here you have uh Equifax that I'm pretty sure everybody knows because it was a massive data Bridge impacting over 800 million uh customers or users around the world and also more
recently we have the Microsoft Exchange Server vulnerability that ultimately was a common injection and impact around uh 880,000 companies organizations around the world so for the rest of the presentation this type of vulnerability that we are going to focus on we're going to do a deep dive into fundamentally how this uh may be exploited in some scenarios and looking for for for you I have a fresh CV that I submit last year in a popular uh open source software that ultimately allow you to take c um and infrastructure and and all the platforms we managed through that software and it was high criticality so we are going to do a deep dive into how how that analysis work how
the exploitation work but before doing that let me tell you about the motivation be behind this research so as probably of you are already um familiar to um who here is a fan of Home Labs or they do some kind of home laabs right I think home laabs are very cool they are a very they are a great way to experiment and learn hacking and learn new techniques and my current mass is most probably a bunch of uh has a bunch of virtual machines a bunch of bare metal officical machines it has a couple of Clow instances uh so I have a little bit of everything so as the home lab grows uh yes yeah approve yeah so I have a a
bunch of uh little bit of everything right so I needed a way to manage all of this mess so I try multiple tools eventually I I have to learn anible a very popular uh management automation management tool and anible is amazing right because it allow you to control multiple machines through a a thing called the playbooks and the playbooks allow you to set um a bunch of instructions that will allow you to update delete um install software in all your machines right so as the home lab grows um it's getting uh more and more difficult to to do this kind of management because sometimes I'm not in my common line right sometimes I I'm traveling or I just have access to my
phone or so on so I start thinking that there should be a better way to do this right I start doing some investigation thing about uh popular open source software and eventually I found a very cool product open source called anible uh called SEMA for UI right so SEMA for UI is amazing it allow you to uh integrate with all these automation tools including anible and on paper sem for UI looks great right if we could have a diagram like this in our minds it allow you to do all the anible operations through an nice UI um you can have all your playbooks being pulled from a repository so everything can be version you have
auditability governance multii authorization out of the box and the best part for me is that it allow me to reuse all my scripts that I already have right so as I was saying uh it was amazing it had an integration with anible so everything looks good however we are hackers here right we want to understand how the in work how the Integrations work and this is the main focus on the talk like at some point I start thinking how this UI integrates with anible how the commands run so I start doing a like a code review manual code review the the project is is in Golan a programming language I'm familiar with and I start reading out
the code until I found that the way they call the anible Playbook is by using a exact Command right which is a way a system way in which you call other programs using the system call so I realized like this is dangerous right this is a problem so I continue reading the code the developers they they I'm assume they may or may not be aware about this was a bad idea they try to hard code the binary to try to limit the arbitrary common execution but if I'm honest with you I didn't feel comfortable running this in my infrastructure right I don't want to expose it to the internet I don't want other people to mess up with with my
environment so I decide to continue investigating more right so I enter the realm of unble security so if you are not familiar with anible security now it's a good chance so there is a cool website that I highly recommend you to bookmark that is called GTFO beans GTFO beans is amazing because it has a huge repository of binaries that exist on the Linux operating system that can be abuse to elevate your privileges or exploit some aspect of security of systems including anible Playbook so right out of the box I have two examples of how to how can I pop up a Shell by running a malicious Playbook right and also how to how can I elevate my
privileges so uh it's a very cool website book Market you can go you can look not only for anible you can look for many other binaries and if you are a Windows person there is also a Windows version for this right called lbas which is exactly the same so armed with this knowledge I start creating my own malicious playbooks to do more experimentation right so as I was saying is possible by uh running a malicious playbooks to get an interactive shell so anybody that run the anible Playbook command and then pass this uh Playbook we'll get a shell similar to that uh you can do a Ser side request forgery um and basically you will turn
that machine uni running anible into axy what about reading sensitive content and sensitive files you can do all of these through anible as well right and this works uh this way like by Design because this may be a legitimate operation that you want to do with automation right and finally we have the most common example which is how how to get a reverse shell like if you have a netcut listener and then you execute this Playbook on a machine you're are going to get a reversal so you get the idea so it seems that the most dangerous thing is arbitrary malicious playbooks right looky for us the whole semop for UI model take this into consideration
and we can divide and we can have two types of users one an admin user high privilege user is the one that is going to be pushing the playbooks into a g Version Control like everything can be authorized auditing very secure and then we can have a regular user that is the one that is going to be just running authorized playbooks is not going to be messing up with anything just clicking a button to for example Lo that packages right um however if you go and remember the line of code with the vulnerability there is still two more arguments that are basically untrusted input coming from a potential malicious user so I start thinking can a malicious user can
a low privileged user do something with that type of access so in the UI there is a part uh in the platform that directly relates to these two arguments right this feature is called the extra variable feature and this is also part of how anible Playbook works right by passing extra variable feature you are able to influence the way uh an existing Playbook behaves and this is very useful when you want to customize certain host name certain users certain values uh usually these extra variables are defined in a key value format but also support Json and jaml or or files and so on what they don't tell you in the documentation and correct me if I'm wrong is that you can
pass what it calls plugins so these plugins are very similar to a serers side template injection attack that will allow you to basically P pass some command that will get evaluated and then uh the result is going to be included in the Playbook right and this can be like some some malicious Playbook and just to be clear this is not um even if it's not documented in anible this is not like a vulnerability in anible right this is how it works by Design This is a vulnerability on sea for UI the the layer on top so armed with this knowled I went and refactor all my malicious playbooks and now I come I came with
malicious extra variables right so this is great because now a regular user a low privilege user can start doing all these um dangerous potential dangerous things such as uh retri retrieving environment variables right environment variables usually contain uh sensitive data such as encryption tokens cookies uh API stuff right that then you can use to uh laterally move to move laterally right you can also do the service I request for G attack which is great for direct ex filtration and extract secrets from from a particular machine uh but then there was a caveat that I found right in order for an extra variable to be executed it fears need to exist on the Playbook that was a challenge that I
found however anible anible documentation is great by the way if there is any anible maintainer uh so there is a set of global variables that they they will be always present regardless of the type of Playbook so if you define your malicious Playbook by using any of those that will guarantee you that you will uh execute your malicious code right so in order for you to trust me now I'm going to show you a quick reversal demo
second well no the demo Gods even if I have a backup this is the backup of the backup by the way then
me okay I can come back to this later by the idea is that um you have um you have anible you have semop for UI and then a regular user can uh use um Can execute let me U go back very quickly me see
there it is this is the tier backup isn't YouTube but uh the idea is yeah you have your netcar listener listening you have a um low privilege user running a couple of authorized Playbook with a malicious um extra variable whenever they you update that this is a Playbook that will use update system packages right uh at run time the variables are going to be replaced with the Playbook with a malicious uh payload and then you are going to pop up a r shell right and from there you can do way more advanced things such as um you know like lateral movement and uh stealing secret back doors uh stuff like that so with that let's
continue so what happened by taking advantage of this vulnerability as I was mentioning a malicious use userc escalate privileges they can gain control of the host and potentially all the other machines uh being managed by sem for UI right which is pretty pretty pretty dangerous so now let's put on the the red teamer hat right and let's think about how can we exploit similar examples right like whenever you try to do an assessment let's IM mind we are trying to review this piece of code let's think everything that can go gr about this so the first thing is if you are able to inject an arbitrary command that's common injection out of the box right
you can run anything that you want it will will be executed with the same level of privilege as the program running this function uh if you are able to control the arguments or the environment variables that will help you to influence how this program uh behaves right how this execute then if you are able to control the execution folder that also may give you some intended access to somewhere in the system next uh if you are able to control what the input that the software is passing to that binary that may also be interesting to see if you can exploit that that binary that integration and finally most of the time these these commands being executed
through exx system calls will produce some typ of output that may contain some sensitive data right some tokens cookies things that should be remain private right and you don't want users messing around with that um the good thing is that most popular programming languages have native apis to do these exact system calls doesn't matter the programming language you can there is a way for you to call other programs and as long as this is like this like developers will uh will do it right so besides the traditional dynamic testing and fing testing what I recommend uh for you to kind of do this type of analysis is to do thread modeling right understand at a
fundamental level uh what are the different components that are integrated um and how that uh impact the security right the security aspect uh I I I always recommend to read the documents maybe there is a flag there is an argument that you can use to abuse the platform abuse the system them and uh there is a lot of interesting files right files and flags so now let's remove that c and then put the Hat of the blue team right how do how do we defend for this how do we uh mitigate the risk so the first thing that I'm going to tell you is if you have to if you are starting from scratch and you have to do
an integration you prefer any other method right this is probably the worst method to integrate programs uh if you don't have a uh if you cannot do that because of Legacy reasons because maybe you are dealing with a binary or a program that doesn't have an API or doesn't have an SDK then the next thing you have to do is same team as the red teamer you have to really understand fundamentally what is the thread model for this how do we impact the security of of the overall platform of the overall uh um program while you are doing that always follow the the list privilege principle meaning uh sbox execution of the of the of the binary
like Drop privileges try to uh drop out capabilities you can also complement this with a bunch of a couple of static analysis code tools and while you uh found all the places in your program that is doing this system called this EXA commands make sure to always uh sanitize the input right and if possible use uh a low list so people doesn't pass like arbitrary arguments arbitrary commands as I was also mentioning read the documentation be aware of those dangerous Flags uh security training for your developers is very important but the most important part that I want to take away is that this is a continuous process right you have to do this uh these analysis for every integration
that you bring into into your system right into your platform so today we talk about the different ways of software Integrations the common pitfalls and vulnerabilities associated with them uh we discussed a couple of uh famous case studies like more like data breaches uh we we did a deep diet analysis into the CB on SEMA for UI and what was the impact we did some uh lwh hanging fruits um exploitation analysis and mitigation risk and with that uh thank you so much uh we are open for questions in case we have time I think yeah yeah we have two minutes [Applause]
so I think if anybody has a question there is a mic over there oh perfect uh fantastic talk I really appreciate it uh what was the painful part of your research from the time of discovering that uh they're using uh anible in the background and what prompted you to start digging deeper into uh the project and what was very painful in that process yeah so I will say the most challenging part was um like to run SEMA for UI it was very easy right it was just a container I can deploy it on kubernetes or any other container around time being able to set up the development environment was kind of challenging I spent a couple of times uh a couple of
uh days trying to get the tools and the right versions of libraries until uh I saw that they use what is called depth containers that basically simplify the development uh process a lot so that's was one of the things that I learned and then um to kind of exploiting the vulnerability and find it it was a couple of uh because I didn't do that like full-time it was like across like a couple of weekends until I have like a pro of concept and then I I responsible disclos it with the team and they patch it and and they assign the CV yeah thank you thank you for for the question thank you [Applause] [Music]
[Music] [Music]
[Music]
[Music]
[Music]
[Music]
[Music] [Music] [Music]
n [Music]
[Music]
[Music]
[Music]
[Music] [Applause] [Music] [Applause] our current attacks on content type okay yeah um hello everyone uh are you content with the current methods of content type attacks we like to talk about a new attack Vector for browsers using the content type if an an expected path exists for danger to enter your protected areer uh what you you do perhaps like Attack on Titan we discovered an unexpected attack Vector in uh in browsers this attack path can lead to several vulnerabilities uh big one and being xss oh now on to self introductions I'm a Mori please call me a I take care of uh web penetration testing and smartphone pention testing at the Japanese cyber security company FR
security hi I'm noro but please call me Azara I take care of web ption testing and Crow pention testing H and also R security Inc okay here here's today's table of contents yeah first we explain content type next we'll explain uh the old attack vectors and show how HTTP responses were difficult to change after that we will show how the new attack Vector we discovered makes it easier to change HTTP responses then we'll show some deficiencies with some uh with bu Bounty problems and OSS using this attack path finally we'll present the
mitigations okay now let's start uh start by explaining what content type is content type is one HTTP response head does that indicate uh the type type of data being transported this allows web browser to H correctly recognize the data type and process it appro appropriately for example content type image/ PNG is interpreted and uh image in pnz format and another another example content type text SL HTML is interpreted as an HTML document M but can the HTTP response content type R be RAR be trusted to illustrate it uh whether the HTTP response content type can be trusted Let's uh let's as a first review the old attack pass until now it has been difficult to change the HTTP response
content type this is because in order to include malicious data in in the content type uh the malicious content type must be included uh with the files that in is uh being uploaded and the middleware and application validation uh validate the file for example file extension content type and Magic bite and the application returns a validate error okay however with the preparation of AWS and another cloud services uh the file upload mechanism itself has uh itself changed oh sorry the change in the mechanism include how the HTTP response content type is 100 recently object Str emerged and is Inc increasing being used uh used to appro file appro files H object consist of binary data and
metadata and object H can be made to toore a content type as metadata now now it's easy to change the HTTP restance content type this is an unexpected attack pass for browsers this example is an approach to object Str this is because SDK uh use it to upload file to uh object stage however for some reason uh developers uh tend tend to forget uh about content type validation it's a which they should have done before uh how have because they think the that the SDK H will do it for them an arbitary content type file is uploaded as a result arbitary content types uh can be uh stored in object stretch as metadata okay okay um we believe that many
developers are aware that they could specify any content type as metadata in object stret and that they trusted HTTP response content type unconditionally we then searched for this vulnerability in B Bounty program and Os we investigated uh one B Bounty program and uh found found one uh unverified S3 it CED xss though we couldn't escalate it into our more critical exploit uh we had um we had verified over 100 products but other other than one all were either not using S3 or had an accurate verification we suspect the reason for this is that companies that do BU bounties generally do not benefit uh from using microservices like F3 so we decide to investigate the OS let's take a look at uh the
result we did a simple code search we set the language to JavaScript or typescript and set the uh directory to be under s slash we got over 4,000 hits although we only looked at well-known products as expected most of them had no validation or L validation now um it's a pattern of uh validation Bypass or no validation pattern but uh it's uh all CES presented here after where dumy code okay it's uh uh in HTTP response the server has no validation in HTTP request okay um in one product the content type received from the browser on the server side was pass directory to the object stt as a result any content type could be specified in the HTTP response
although this is a simple implementation in terms of code we had encountered many search patterns this enables xss for example the M type is uh a content type and uh put object uh like a dilory and another example it was just barely okay with web application firewall where uh there is a potential danger this is because the validation is front end only so the validation can be easily be bypassed using proxies such as buob streets since the content type of the HTTP response is not Val validated there is a possibility of accesss in the future if object reach is specified as uh the fetching destination for example you can upload text/html it called xss next um in HTTP
response the server has no validation in HTTP response uh from especially S3 here is an example from uh vs Cod extension which may allow uh rce from xss uh depending on the configuration uh why there are actually no problems in practice currently this product uses HTTP response content type as is so there does exist a lurking program if object stre could be specified in the future um accss to rce could be possible in this code content type of HTTP response is used unconditionally for example um response. headers doget content type directory so um if get text/html it calls xss next um validation bypass pattern in HTTP request even if there are validations using content type string where manous
file is uploaded they are often easily bypassed due to a lack validation such as starts with ends with and the resis uh includes you can see the document uh presented at Biz Tokyo for more information on this bypass technique um um let's look at bypass technique example carrier wave is most famous file approach library on Rubi on raavs Carrier wave had a problem uh with a content type resoltion logic that could be uh bypassed so any content type could be specified in the HTTP response this vulnerability has been fixed at this time okay and uh this is allow list for content type for example you can see uh image/jpeg and image/png only and uh this is a logic to generate
a regular expression based on that allow list Cal waves a Content connect the two codes in other words a content type regular expression is generated from the final allow list however this can be bypassed as we we have just shown for example you can bypass image/png comma t/ HTML next uh in HTTP response even if there are validations using content type string where malicious file is downloaded especially F3 from F3 they are they are often easily bypassed due to lack validations here is an example from electron electron maybe xss to rce capable um depending on the configuration in this product xxs was at least possible due to the LAX content type validation of the HTTP
response for example the validation have a content type dot start with image so you can bypass image/png K text/html this is an example from a Chrome extension xss in the Chrome extension has stronger permissions than normal xss it was just barely okay and has no problem but there is a potential Danger it can bypass text/html semicolon PDF due to the lacks uh determination of PDF in the HTTP response content type that is um you can have HTM render that uh looks like a PDF uh which may be a hit if you have a PDF sniffer turns on for example the validation is content type dot ends with PDF so you can bypass text/html semicolon PDF so then the question of course is
how can we mitigate this problem be sure to valify the content type value with a exact match to see if it is the intended value for example the content type string equal to um image/ ping or image/jpeg in addition do not unconditionally trust the content type of the HTTP response but valify it with an exact match thank you very much for listening to our talk thank you yeah uh here are differences for those who are interested yeah and uh S3 and the content type research and the Carri wave cve and um if you would like to see the slides on your phone please access the QR code here and that's it uh thank
you questions any question all um if you have any questions um I we uh we remind in a few minutes or please ask ask ask ask us okay
um thank you for a great presentation could you please go back to slide 75 I think where you had two content types uh 75 sorry 75 uh it's too far 75 75 okay yeah oh sorry uh went back I went back okay so when the browser yeah when the browser sees uh text/html semic colum PDF are you saying that um the documents going to be treated as text HTML and the PDF part is going to be ignored did you test
that and it's a yeah like you mean uh it's a like a like a weird content type mean uh yeah but uh yeah of course uh it's a weird uh content type but object St can object stage can uh set set up this uh uh content type as uh uh metadata okay uh but uh do do you know what's going to happen when browser will see this will it render the document as text HTML yeah that's right okay yeah thank you thanks
all right thank you very much yeah thank you
[Applause] [Music] [Applause] [Music]
he [Music] a [Music]
[Music] back [Music]
[Music]
[Music] TR [Music] hey [Music] [Applause] [Music]
hey hey hey hey hey hey [Applause] [Music]
[Music]
[Music] [Applause] [Music]
[Music] [Applause] [Music]
[Music] [Applause] [Music]
[Music] [Music] [Music] he [Music] [Applause] [Music] he oh [Music]
[Music]
[Music] w [Music] [Applause] w [Music] [Applause] [Music] I'm just [Music] something I'm just trying to give you [Music] something I'm just I'm just tring to give you something [Music] [Applause]
[Music]
[Music] [Music] I'm just tring I'm just tring give you [Music] something I'm just TR to give you something sming I do I'm just trying to give you something [Music] he [Music]
[Music]
[Music]
[Music] oh [Music] [Music]
[Music]
[Music]
[Music] [Applause]
[Music]
[Music]
[Applause]
he
[Music] e [Music] n
[Music]
n [Music] [Music] [Music]
[Music]
n [Music]
[Music] [Music] [Music]
[Music]
[Music]
[Music] [Music]
[Applause] [Music] he [Applause] [Music] [Applause] [Music] n [Music]
he
[Music]
[Music]
[Music]
[Music] TR [Music] hey hey hey hey [Applause] [Music] hey hey hey hey hey [Applause] [Music] [Music]
[Music]
[Music]
[Music] [Applause] [Music]
[Music] [Applause] [Music]
[Music] [Music] [Music]
[Music] [Applause] [Music] he [Music]
[Music]
oh
[Music] h a [Music]
oh [Music] [Applause] [Music] [Applause] [Music] [Applause] [Music] a I'm just try to okay after br I'm just try to give you [Music] something I'm just try to give you something I I'm just to something [Music] w
[Music]
[Music] [Music] I'm just trying to get something I you I'm just trying to give you [Music] something I'm just try to give you something I do I'm just trying to give you [Music] something he [Music] w
[Music]
[Music]
[Music] [Music]
[Music]
[Music]
[Music] [Applause]
oh [Music]
[Music] [Music]
[Applause]
[Music] oh [Music] n [Music]
[Music]
[Music] [Music]
[Music] [Applause] [Music] oh [Music]
[Music]
[Music]
[Music] [Music]
[Music] [Applause] [Music]
[Music]
[Music]
[Music]
[Applause] [Music] hey [Applause] [Music]
[Applause] [Music] [Applause] [Music]
[Music] he a [Music]
[Music]
[Music]
[Music] n [Music] track [Music] hey hey hey [Applause]
hey hey hey hey hey hey [Music]
[Music]
[Music] [Applause] [Music]
[Music] [Applause] [Music]
[Music] [Applause] [Music]
[Music] [Music] [Music]
[Music] [Applause] [Music] he oh [Music] h
he
[Music] h
[Music]
[Music] now [Music] [Applause] [Music] [Applause] [Music] oh
[Music] I'm just I I'm just trying to give you [Music] something I'm just TR to something do I'm just TR to something [Music] oh [Music] a [Music] [Applause] [Music] [Music]
[Music] [Music] I'm just TR to I'm just TR to [Music] something I'm just TR [Music] to I'm just trying to give you something [Music] oh [Music] w
[Music]
a
[Music]
[Music] [Music]
[Music]
a that's
[Music]
[Music] [Applause]
[Music]
[Music] [Music] a [Applause]
[Music]
[Music] a [Music] the
[Music]
la
[Music]
[Music]
[Music] he [Music] [Music]
[Music] a [Music] [Applause] [Music]
[Music]
[Music] w
[Music]
[Music] the
[Music] [Applause] [Music]
[Music]
[Music] awesome great so I had a uh I don't know how many of you folks know this but we have this thing called outrageous speaker requests it's a little line that you fill out when you're putting in your uh you're putting in your uh uh your proposal for a talk and uh if we accept your talk then we usually uh will find a way to fulfill your outrageous speaker request now I believe you put in an outrageous speaker request for a crisp high five before you be wait I I I need to I need to know how high do you want this five M just standard height standard height okay standard height standard height high five I think we can
make that happen all right here's a crisp five at a standard height [Laughter] i'mna thank you so much thank you for being part of B I'm gonna frame this I'm G to put this in my office that's awesome thank you guys it's a little early so Galaxy here yes how's everyone doing today good yeah has bides been uh been fun for everyone so far yeah it's been I've been having a good time it's been enjoyable everybody here here is awesome you guys are everyone's so nice it's crazy so thank you all for allowing me to speak in front of you and everything so should be good give it give it like one more minute get
started all right okay are we good good all right uh so my name's Troy um I'm GNA be talking about modeling at scale and uh without further Ado let's go ahead and get started so uh little bit about myself uh I love dogs beer science not necessarily in that order um started my It Journey in the Navy uh I was in the Navy for about 6 years I was a fire controlman uh Tomahawk Tech uh from there I got out and I went to work for Costco uh I've been on the thread analysis team now for going on five years so it's been it's been a lot of fun uh my super supportive team is here
as well so thank you guys um but yeah and then uh from there it's just been it's been a journey it's been a lot of fun uh real quick question for everybody who here threat models has threat modeled does it on a regular basis oh wow awesome so please feel free to ask questions if we have time at the end i' it's been going right about the 25 minute Mark if we can't get questions in feel free to find me afterwards and we can chat totally totally fine with that so just let me know all right so uh real quick what is threat modeling I'm not going into how to threat model or anything like that prob
a quick quick overview um generally you want to answer four questions right what is being worked on so Define your scope of the of the engagement of the threat model uh gather information so this could be documents diagrams whatever uh and then usually you're going to build some kind of visual model of the application or system or whatever it is your threat modeling uh you also want to answer the question of what could go wrong uh so identify threats vulnerabilities um sometimes you'll pair these things for risk within the threat models sometimes you don't uh it kind of depends on how you do it at your organization um and then uh what should we do about it so these are mitigating
controls your recommendations uh things of that nature and then uh for uh remediations you definitely want to think about you know what's going to work best for the business and things of that nature and then uh did we do a good job so uh validation of of the threat models through reviews with the project teams or you know retrospectives or what have you all right so uh challenges of threat modeling uh really comes down to a a few things here so uh lack of expertise so uh a lot of times devs are focused on you know Pro providing a solution that's going to work best for their customers and provide the most value right and that's what they're
supposed to be focused on that's that's why they're there and uh so a lot of times security kind of gets put in the back burner or it's you know not at the Forefront of their of their building and stuff like that so um definitely you you tend to see a lack of expertise with the uh the developers that you're working with another is a lack of time uh a lot of times there's um tight deadlines you know uh you got to get things to Market and that can that time crunch can make it so that security becomes more difficult to implement uh and a lot of times everything else will get prioritized over over the
threat modeling process get prioritized over Security in general uh but yeah uh and then lastly lack of resources uh a lot of times the uh tools that you'll be using are much more focused on making the build process easier helping the Developers find you know maybe certain kinds of bugs that may not be security vulnerabilities um tools sometimes don't support the active threat modeling uh and so having the right resources as well can be kind of challenging uh and then what does what do all this mean it means a lack of uh value when you're doing your threat modeling when you're going through your threat modeling process uh when that happens a lot of times resentment can build between your
project teams and the security teams and it just makes the whole process a lot more difficult all right so and then the big question that we're going to answer today how can you threat model and do it at scale right how can you perform threat modeling at scale so let's jump into it so firstly is uh collaboration right um it's a very collaborative effort between your Security Professionals and your project teams so what I like to say is as a security professional you want to make sure that you're able to train assist and Empower your project teams to make the best decisions and build the best products that are the most secure right and as a
security professional you can bring that knowledge to the table and collaborate with them throughout the the design process or the or even the early building processes right uh the and while you're collaborating while you get this collaboration between the project teams and the and the security teams you're inherently going to have the project teams learning about security so as the project teams learn about security they're going to start inadvertently or purposefully implementing those security those security controls that you've been talking to them about over and over we hope and start integrating those into these solutions that they're building and vice versa the security teams are going to start to learn what can hinder the business the most right so maybe
there's certain mitigations that they learn you know makes the product work in a way that's counter intuitive right and maybe there's a different mitigation that they can use instead uh and then as they work with those business teams in the future they can put push those rather than trying to push something that's going to cause issues and then uh overall with that efficiency is going to improve as you become more collaborative uh another so tools um like I mentioned before tools a lot of times uh it's it's hard to find some that are specific for threat modeling they are out there uh there's paid there's uh paid versions there's free versions but uh one of the most
important uh aspects when it comes to the tools that you're going to choose to use in your threat modeling process at an organization is going to be asymmetric collaboration uh and what I mean by that is the tools need to allow you to perform duties or work or whatever it is that you're doing outside of set time windows with the project teams or vice versa for the project teams to do things outside of a meeting with you and then allow you to go in and see what it is that was done what changes have been made what progress has been made things like that so that asymmetric collaboration in the tools is extremely important uh so you also have to take
into account tools for uh diagrams right um with threat modeling you're making visual representations of your of your Solutions and being able to accurately depict those is extremely important because a picture is worth a thousand words and it's a lot easier to understand what's going on in a solution when you're able to visualize it also uh supporting the collaboration right that I just talked about you got to have tools that can support that SO meetings recordings um for reference later uh whether those meetings are in person or virtual or hybrid um just being able to support support collaboration uh another is building reports uh so having a tool that is capable of producing reports that are tailored for
the audience that you're giving that report to so it could be a report that's more tailored for compliance it could be a report that's more tailored for maybe high level Executives um or maybe it's a more detailed report that's going to the project team and maybe other security teams that are going to be uh helping in the process of remediation and things of that nature uh and then validation tools so with validation tools um you can use you know code scanning V scans you can do pen tests and the idea there is that once those things are done you can look at the findings from those and see if they differ from the threats and
vulnerabilities that you sought when you were doing your threat modeling process right and if there's vast differences then you know that maybe there's things you guys are missing or not touching on in in while you're doing the threat models so it's it's a very retrospective kind of tool for validation but definitely extremely helpful all right uh so procedures and practices so with this one there are two main questions that you have to answer when you're building up a threat modeling process at an organization that being security team what should the security teams bring to the table is the first one uh expertise so their knowledge of security right uh they need to be able to give guidance
so knowing what is secure is one thing but being able to guide the project teams to what the best option is that works for both the security and the business to you know keep moving forward that's where that guidance becomes extremely valuable uh and then templates as well at the end of the day the threat model is a product of the security teams right uh you want to own the template you want to own the document and you want to make sure that you're able to uh keep account of what is delivered to the project team and how it's delivered and how it looks what should the project teams bring to the table that's the second
question time for one um threat modeling can be a very time time consuming process it's not always but it can be and the project teams and the security teams need to be prepared for that right when you get into a meeting and you start walking through the solution there could be a lot of different connections different processes or functions of certain applications that you have to talk through and finding those those threats and vulnerabilities that could be posed on that solution takes time and so patience is is definitely a virtue when it comes to threat modeling uh aacy is also extremely important knowing who's responsible accountable uh consulted and informed and this is from the project
team right so that when the security team has an issue they know who they can quickly go to uh to get it resolved and keep the flow of information open so that there's transparency uh and then lastly documentation and diagrams so to speed up that lengthy process that I talked about front loading can be extremely helpful there so if you're able to get in-depth documentation diagrams from your project team you can frontload a lot of the work so that when you get into these meetings that require a lot of time you've already done the heavy lifting and then at that point it becomes a conversation all right so I say I say here Define everything right and the reason I do
this is because the more speed bumps that you can remove in your process of doing the threat models the better the the idea here is is that you want to streamline it as much as possible right because when you're doing it in a large organization um at scale it becomes timec consuming it becomes difficult and so either you hire more people or you make the process more efficient so what I mean by this is do you do the threat model make sure you have it defined as to what justifies a threat model what doesn't uh your intake method when and how are people coming to your team to request the threat model to be done uh
checkpoints how often are you meeting with the project team when are you meeting with the project team what triggers it right uh and then what is considered an escalation so if there's a big disagreement between the security professional and the business on something right how do you how do you resolve that quick being able to identify and have that defined how escalations happen can resolve those quickly extremely important uh and then delivery and post- delivery so when you're you finished you need to know who to deliver it to and this is where those different versions of the document can become very helpful because you can deliver the highle overview to Executives you can deliver the super technical one to the uh
project team and other security teams right uh and then Post delivery so you've identified threats you've identified vulnerabilities and you know what you need to do to mitigate those things you're not as the person doing the threat model and oftentimes in large organizations you're probably not going to be the one that is in charge of following those to remediation and so understanding how to hand that off to the next team that is going to track those and make sure that they come to fruition is extremely important to document and Define in a proc as a process so that the remediations don't get just found and then it's just white noise from there you you want them to
get fixed that's the whole purpose of this as and you want it to be fixed before it goes to production uh and then what to do when the design changes right this is a huge this can become a huge speed bump a huge blocker is you'll be halfway done with your threat model and all of a sudden they're like you know that one feature that we spent a week on yeah we don't want that anymore or we're changing it to this other thing so knowing what to do in that moment is extremely important and it requires a lot of communication um versioning of your documents is extremely important as well so that you can maybe go back to a
different version that works better to then work back up from there to try and save you time um but at the end of the day remember that threat modeling is a collaborative process and so information that is being shared to you by the project teams is going to have fallacies it's going to have omissions it's going to have um Fabrications we're all human we make mistakes right but identifying those things as fast as possible will help you to get past those so that you can finish your threat model and have it be accurate and not to mention when there is stuff like that you start to notice it really fast like as you're threat modeling things just will start
to not line up it just won't make sense and you'll you'll do it on your own kind of you you'll see that something's missing so all right continuous Improvement right so as you're building up this threat modeling process you want to try to continuously improve it so what is being done right uh reward that right so if the project team or the security team is doing things right make sure you keep doing those identify them and and point it out right and then what could be done better so maybe there's areas where there could be minor improvements made uh identifying those and taking action to streamline the process and make it better is important and then where are the
repeating pain points so these are things where maybe you're running into blockers during the process at the same point every time right maybe there's something in the intake method that could resolve that or maybe you're finding the same vulnerability and it's going unfixed over and over again right it's it's identifying those and getting it done as fast as possible uh and then retrospectives right this is where a lot of that work will happen is in your retrospectives getting the security team together talking through these things and finding Solutions that'll streamline the process all right benefits of threat modeling so one one of many is saving time and money it is much cheaper to make a fix to
above or or some vulnerability before it goes to production and it's it's a lot quicker too so using threat modeling to identify these things early will save you time will save you money it's it's extremely helpful uh and then cooperation and understanding so when you have the security teams and the business teams coming together and solving problems together they're going to be more inclined to work with each other and be more open and forthcoming with information and then you're going to see improvements in security when that happens right because the business isn't going to be scared that they're going to get you know told no or become or get blocked on something they're going to be more inclined to
come to you as for advice or just hey how do I do this better uh and then as as the threat modeling process becomes more prevalent in your organization older Solutions will start to fall off or if they have major architectural changes they get reviewed through the threat modeling process and everything starts to become I don't want to say more secure but you'll have you'll have more confidence in your solutions that you're deploying that they are secure that they have less threats less vulnerabilities uh it'll also give you a much better kind of picture of your organization security posture and then uh I have up here improv pen tests and what what it what I mean by that is
when you when you have the threat models and you and you've identified these vulnerabilities you've identified these these potential threats you're able to then feed that to the team that's going to be performing the threat the I'm sorry the pen testing what you're doing there is you are focusing their their efforts right so pend tests are expensive I think we all know that they're they're an extremely expensive Endeavor and so if you can focus the pentest on things that may be an issue instead of this broad just test everything mindset you can probably drive cost down and the quality of your pen test will probably go up you want to be careful not to get too
specific because then they might miss things that they should have caught so it's a definitely a fine line you'd walk but it it can help in the long run all right so I have some uh some AI memes up here um what is the future of of threat modeling well yes I think AI will have a play in it I don't think they're coming for your job though um what's probably going to happen is AI is going to be used to augment teams that are doing this threat modeling right they're going to be the AI is going to be able to see things that the human the human process can't see different maybe there's threats in
one solution that ties into another that ties into another and that threat can manifest itself in an application that's maybe you know two two down the chain or whatever it's it's definitely going to improve the overall quality of the thread analysis but it's going to be there primarily like I said to augment the teams and give them a better understanding of what's going on and just make their job quicker and more efficient I hope you like the uh the memes too they made me laugh uh and then this here this is a quote I'll let you I'm not going to read it but you guys can read it um I love this quote it keeps keeps me going keeps
uh keeps me motivated and everything so I thought I'd put it up here but I just want to say thank you everybody for having me and and thank you to my wife and kids for being at home my wife's holding the fort down right now so so I could be here so that's awesome and thank you to my team for coming and supporting me thank you all I think I do we have I think we have a few minutes if anybody has questions so how are you getting Manel
yes so is we what we shoot for is in the design process when there's a somewhat solidified design that's when we like to get involved without a solidified design you kind of spin your wheels a little and you'll do a lot of work that may be for nothing because the design will change so you want it to be close to to being done um but not into the build phase yet when you've got developers that are pushing back that that heavily though it's it's going to take a lot of of effort on everybody's part you're going to have to build out the process and show that it can be streamlined and then you're going to have to get
executive leadership to step in and be like this has to happen it's it's yes but you need to be able to show that hey we have a process in place that will make this quick like it's not we're not we're not going to take up more time than we need you can frontload us with a lot of stuff that'll help and you know help shorten it down
we we we like to use the term funnel rather than blocker or gate and the idea behind that is when the they're building something they're eventually going to fun down to a point that has to be they have to go through it right and one of those points is the threat model process they can't they can't they can't move forward until that's done and there's a lot of and rather than making it like a a a checkpoint in some arbitrary list what has happened is a lot of other teams won't give them what they need to until they see a threat model from my team and so they'll they'll be like okay we'll just go past you that's fine and
then you get to the next team that maybe is setting up the network right they're like oh well we need to see the threat model and then they're like oh well maybe I should have listened and they'll go back so yep go ahead can you speak a little bit more about uh asymmetric collaboration yeah absolutely uh so the like I've said like I said 100 times is and I I'm going to keep saying it is it's really really really really hard to get a bunch of Architects Engineers devs into a room with you at the same time like it's it's impossible and then you if you try to take into account like Integrations of other tools that are
being built other applications and now you've got Architects from another team and that team and maybe another team and getting them all into a room it's not going to happen and so if you have these tools that allow for asymmetric collaboration that allow an architect to go into a document make some adjustments leave notes and then move on with their day maybe they had 5 minutes and then you see you get maybe a notification hey somebody made an edit and then you go in and you see the edits you see the notes and then you can add additional questions to it you can make adjustments to it and this goes for everything from reports to the
diagrams to question docs you name it
yeah yes so we it's becoming very cumbersome um and we are in the even even now we are still trying to refine our process as best we can and so we have what's called a consultation summary and the consultation summary is designed to answer those one-off questions like let's say they're like oh we just want to integrate with that API I'm not going to threat model a single connection to the API right like that's that's a lot of effort for one simple function so a lot of times what we'll do is we'll shrink that down into a much smaller deliverable that just answers the question with basic security observations security concerns security requirements based on industry standards
things of that nature but yes that that's a good question
yeah what happen they they will be kept from going to production so they can move forward with testing they can move forward with qat whatever it is right but going to production if they there has to be a very strong reason that they would go to production with having a threat model
done what's yeah what's crazy is I don't think I don't think threat model the threat model is even on the release m keep me honest here I don't even think it is like I said I think other teams that are on the release to be able to for it to go live won't do their part until they see our threat model and so yeah can it can do we allow an app to go to production without a threat model we do but they have to back if they have to meet any of requ yeah so yeah it's it it's definitely a very interesting Dynamic and I'm not saying it's the best but it's been working for us so far oh
I'm sorry no no you're good yeah yeah it's it's they're roughly defined right now um but they're in the process of being much much harder much hard much harder stops like you you cannot proceed without having it but yeah go ahead
yeah yeah so how we Define it is are you seeing major architectural changes when you have those releases right are you introducing some new function that is going to create you know all these new connections and open up all these different a V of of attack vectors and all that if you're not like let's say your your release is just adding a data point to a connection that already exists you probably don't need to threat model just that that's that's probably quite a bit but if you are noticing that when you proceed it's going to create a lot of new connections maybe you're adding a bunch of apis that are all hitting these different points and
calling all these databases that's when absolutely you would want to proceed with a threat model so it's it's it's really it's kind of using your best judgment
yeah I see what you're saying I would say that if you can wait until a lot of it is done and in place and then maybe do a back fill on it because if you try to do it every single one and then like piece them together that would it that'd be very cumbersome and it you would start getting some resentment between the project teams and the security teams yeah all right that is all the time we have feel free to find me afterwards i' answer any questions you guys have thank you thank you
[Music]
[Music] w [Music]
[Applause] [Music] hey hey hey hey hey
[Music] [Applause] [Music]
[Music] he he
[Music]
[Music]
[Music]
[Music] track [Music] hey hey hey hey [Applause] [Music]
kitsy and they will be talking about demystifying SBO sb's strengthening cyber security defenses hello everyone I hope you're having a good time since morning attending talks there's another one from us it's on as bombs and I'm Harin oh I'm kti I work as an application security engineer she's my co speaker harini hi everyone um I'm harini Ram Prasad uh I work at as a product security engineer um we just thought as bombs are a cool topic and hence hope you agree with us at the end of this um yeah um just a disclaimer that any opinions uh expressed here are purely our own um not related to anything uh any views of an employer uh but yeah
with that said let's get started so I want to start off by asking you all a question do you really know yourself yes no maybe so don't worry I'm not going to the philosophical side here probably worth another time but U yeah knowing yourself in the context of uh the software you build and the software you use so for example um do you really know what programming languages are being used what third party dependencies are being leveraged what risk do they carry um does your use of those dependencies really made compliance requirements and so on so this is also being emphasized by the CIS controls yes one and two and um they're about inventory and control of Enterprise and
software assets so why is this reflection exercise more than important today so this has become really important in the light of software supply chain attacks now these are attacks where bad actor are targeting legitimate thirdparty software vendors um software that is widely being used in the supply chain so take for example maybe like a popular JavaScript library which is used by hundreds if not thousands of organizations now if you think what would happen if such a library is compromised the blast radius and or the impact of it is going to be massive it's not just going to be limited to just one organization so software supply chain attacks have become um truly a pain to deal with
unfortunately there are many examples of this in recent times uh the biggest one I guess you all may recall is log forj this is a popular uh Java Library used for logging and attackers discovered a vulnerability through which they could execute code on your servers uh the most one of the most difficult parts of remediating a vulnerability like this was actually identifying all such usage of that vulnerable version of that like library and making sure you patch all usage and do not leave anything out and if you think about doing this in a huge code base if you don't have the right tools to do it it's going to be really uh painstaking the other example um is the
XE Library you know had it not been for a curious developer was looking to debug a performance issue all right a malicious very stealthly written code would have been shipped to so many Linux systems essentially enabling attackers to have a back door on those systems so we can see how devastating that could have turned out so all this is to say that it has become incredibly important to record and track information about what our systems and software is made up off so jumping to what is a SPM right I mean to State simply it stands for software bill of materials and that's an example is Bomb um there but what is it really right so it basically does what
we talked about before which is it lists all the component parts and software dependencies used so names of components the version information the supplier information if that's available essentially you can think of it like the ingredient list uh so let's say you're going to the supermarket to check out that new snack that your friends recommended more often than not you're going to look at the ingredient list and see if there's anything funny out there that you may want want to avoid and overall make a decision whether it's good for you or not so as bombs are kind of like that if if you want to think of it that way it's not it's not merely just an inventory list
but it goes a lot more than that and it can help you assess whether a particular software component really aligns with the level of risk you're willing to take so it has become an essential tool in software supply chain security remediating vulnerabilities and in compliance efforts as well and essentially it's a huge step step towards transparency right uh now you have a a better idea about what a software component is made up of so this is really huge step for both producers as well as consumers of software so let's talk a bit more about why do we need s bombs so firstly open source software is everywhere um to quote a recent study that showed that uh
an average software project has more than 200 dependencies now when you think about tracking vulnerability information which may be present in those dependencies fixing all of those and U making sure you still meet the compliance requirements you can see how it can get complicated really fast I hope your project doesn't look like that but it's kind of the reality for most so like we talked about before s bombs can help you comply with your business risk appetite it also helps a lot with mitigation efforts because now many new vulnerabilities out there you can identify what parts of your software make use of that vulnerable version and you can Target your efforts accordingly so it definitely helps in fostered
adoption of any mitigating controls or measures available so that you can lower risk as soon as you can and it's been largely supported by the government as well so in 2021 the US government came up uh released an ex executive order uh for nist to come up with a set of best practices on using S bombs the cesa org which is the cyber security and infrastructure security agency has also released a lot of educational resources for organizations to understand as bombs and adopt them in their software development life cycle so basically we want to avoid the shock of discovering the ton of vulnerabilities that came with the dependencies you used and taking a more proactive approach on that
so that was a fair bit of talking from me now I'll hand over to kti uh to talk more about how can we get started with generating esoms okay so we talked about what are as bombs why do we need them now let's get to what like how do we actually generate these as bombs so there are various tools in the market there are some open-source tools provided by trivy Anor oasp and uh there are some wendor based tools and Frameworks but how do these tools actually work so they scan the application and when I say they scan the application by that I mean they are actually examining the artifacts and any Associated sources such as the manifests
metadata lock files source files your binary files and uh we can have this generated in three different formats like there are three different formats available which we can use to generate this document uh we're going to be talking about the two formats but before that we're going to talk about what these formats basically are these formats are basically the composition of data you're looking for you choose a format format based on your needs and what is more acceptable with your current environment like what is already like the tools that you're using how what would be more compatible so there are two tools which we're going to talk about today spdx and and Cyclone DX uh spdx basically focuses
more on the software packages and your package level licensing whereever whereas uh if we see the cyclon DX it focuses more on the software components the authorization and external API now what we're going to do is we have a pre-recorded demo for you we're going to go by the demo we we will see how we actually generate it generator as bombb and we will be using uh anor's open source tool called
sift okay so that's the demo basically give me a minute yeah
is it working yeah it's C the screen are not working this is not working but I want so sorry okay sorry uh yes and play that again now okay so that's where we'll begin in the demo and what we're doing here is we're going to generate the s bomb and now we and after that we'll see how we can use that s bomb to actually manage the vulnerabilities we're going to pick up a commonly used image inine X image and use sift as I mentioned so that's the command that we're going to run and uh we are going to produce it in the cyclon DX format that we defined and uh write it to a Json file so when we run
this command a file gets generated you'll see it come up yeah so that's the file on the left side you see that's that's actually the s bomb that got created and uh it's the cyclon DX format that's how it looks and it has three major sections the metad data uh the components and dependencies metad data is actually what contains the information about the image and uh component is the one that contains the information about the licensing and the packages and the dependencies is all the package all the dependencies of the image like the package dependencies there's a whole list of it that you'll see here now what we want to do is as I said that we'll use this sbom for
vulnerability management we'll run this sbom through a vulnerability scanner and uh for that we're going to use a another open-source tool which is also available by Anor that's called gripe that's the one that we're going to use and uh when we run this uh gripe command we're going to get a list of vulnerabilities as you see there and uh it'll have like what's the severity what's the vulnerability and uh if that could be fixed and the ones which says won't fix it's either they have reached the end of life or uh there's no fix available for those ones so we have to look for alternative Solutions so this was like a table format but what if we want just one
comprehensive document so what we do is we again run the gripe command and create a new as bomb that will contain the uh vulnerability section now and uh to do that we run the another command and write it to another Json file which will basically create a new s bomb that would be like the same as bomb that we created but we'll have another section we'll just see it now so we see another file got created and uh it has exactly same data as the previous one just one section got added the vulnerability sect
Related talks
51:51
32:48
33:48
54:33
31:06
20:51