
Researcher Grabs VPN Password with Tool from NSA Dump - aestetix
https://motherboard.vice.com/read/researcher-grabs-cisco-vpn-password-with-tool-from-nsa-dump
======
givinguflac
What more reason could we possibly need to be against the NSA's data
collection at this point? They clearly can't keep themselves secure, so why
should we allow them to keep a profile of everything everyone does? They're
simply collecting the most dangerous database in history and can't even keep
the doors locked. I can't imagine how dangerous these tools and all our
personal data could be in some other, also wrong hands.

~~~
onewaystreet
It's pretty easy to pick a lock but you don't remove the locks from your house
because of it. No one is 100% secure, not even the NSA.

~~~
et-al
> _No one is 100% secure, not even the NSA._

That's why we don't want NSA backdoors (among other reasons).

A more accurate analogy would be that the NSA has copies of all the keys in
your neighborhood hanging in a cabinet on the street with a _slightly_ better
lock (a 7-pin tumbler!).

No thanks.

~~~
ashitlerferad
I think it would be best for the NSA to keep working on creating exploits but
practice responsible disclosure.

------
bArray
Okay, there's now some credibility to what Shadow Brokers are saying. Watch
those bids rise for the rest of the dump!

A far fetched tin-foil hat idea - Shadow Brokers made a few exploits
themselves and are looking to bring maximum profit from a smaller amount of
work.

The second tin-foil idea is that the NSA themselves are pretending to leak
their old tricks in order to find out who the big players are.

~~~
moyix
More confirmation that it's actually from NSA:

[https://theintercept.com/2016/08/19/the-nsa-was-hacked-
snowd...](https://theintercept.com/2016/08/19/the-nsa-was-hacked-snowden-
documents-confirm/)

There's a string ("ace02468bdf13579") that is mentioned in a previously-
unreleased document from the Snowden cache and also found in some of the
binaries contained in the dump.

~~~
88e282102ae2e5b
Is it not possible to replace an existing string in the binary with that one?

~~~
moyix
To what end?

~~~
0x6c6f6c
To connect it with the same speculation that's being made right now?

~~~
moyix
It's the timing that makes the connection. The sequence of events is:

1\. Snowden leaves NSA with documents. Some of these (but, crucially, not all)
are published.

2\. Shadow Brokers release something claiming to be NSA hacking tools
containing ace02468bdf13579 string.

3\. The Intercept looks in the _unreleased_ parts of the Snowden documents and
finds the same string.

Thus, the fact that the leaked tools contain _non-public_ NSA-specific
information is what makes it clear the tools originate from NSA. The only
other possibility is that the Shadow Brokers _also_ had access to the full set
of Snowden documents _and_ decided to use them to fake the dump, which is
much, much less likely.

You could start dropping ace02468bdf13579 into binaries willy nilly now, but
it wouldn't do much, because that's now public information.

Or am I missing something?

~~~
blumentopf
Birthday paradox.

~~~
pklausler
While that 64-bit value would be just as likely to occur as any other if
randomly chosen, any competent programmer is going to recognize a very strong
pattern in that value's binary representation that makes it much more likely
to have been chosen with intent. In fact, the pattern is so strong, there's a
chance that the appearances of the value in two places is simply a
coincidence.

~~~
pklausler
Specifically, in C, it's

    
    
      (0x01234567uLL + 0x55555555 & 0x77777777) * 0x200000002 + 0x11111111

------
acqq
> Al-Bassam writes that the tool works by sending a packet to the target
> machine that makes it dump some of its memory. Included in that dump is the
> VPN’s authentication password, which is used to log into the device.

> Both Al-Bassam and Maksym Zaitsev, another researcher who has been looking
> into BENIGNCERTAIN, believe that the attack is likely capable of extracting
> private encryption keys from VPNs as well, which is another, more robust way
> of authenticating access.

Seems similar to the famous "Heartbleed" OpenSSL bug, possibly even easier to
achieve.

[http://heartbleed.com/](http://heartbleed.com/)

~~~
bostik
Actually, this tool brings up the question: did NSA discover and exploit
Heartbleed years ago?

That is not a conspiracy theory, btw.

A few weeks back, H.D. Moore of Rapid7/Metasploit fame was on the Risky
Business podcast. The topic of the week was bug bounty programs, and in
particular the larger programs that aggregate individual vendors under a
common umbrella - and notably a common set of guidelines.

Moore mentioned that a recurring theme is that when researchers discover a new
trick, they will the proceed to apply that trick to every possible vendor on
the bounty program, netting 2-3k from each one they pop. In the same vein, I
would find it odd if this extraction technique was not applied to every
possible encryption target the NSA could think of.

~~~
larrik
I would imagine that the NSA did discover and exploit Heartbleed years ago,
yes. I've generally assumed that sort of thing was very likely, at least.

------
cnntth
Slightly unrelated - Mustafa Al-Bassam, the researcher quoted, was TFlow, one
of the younger LulzSec members.

[https://en.m.wikipedia.org/wiki/Mustafa_Al-
Bassam](https://en.m.wikipedia.org/wiki/Mustafa_Al-Bassam)

------
curiousgal
Scary how this serious exploit lied in the crumbs of the files auctioned and
even those are possibly mere crumbs of what the NSA has.

~~~
cloudjacker
or its all hype and there's little substance left

like many movie trailers

~~~
curiousgal
Sure hope so!

------
jstewartmobile
Just one more nugget of evidence that our government exists not to keep the
citizenry safe, but to keep it in its place.

If the NSA really wanted to keep us safe, they would focus their efforts on
patches instead of exploits.

------
based2
[https://www.debian.org/security/2016/dsa-3650](https://www.debian.org/security/2016/dsa-3650)

------
mikegerwitz
Don't keep plaintext passwords in memory; treat them like you'd treat your
persistent records (e.g. database), because it is one.

~~~
johncolanduoni
Issuing a disk read every time you need to decrypt data sent over a VPN is not
feasible in the slightest. At best you could only keep the key derived from
the password, but that's all you'd need to decrypt the traffic.

~~~
mikegerwitz
I was referring to the password used to log in. You can store a hash in memory
for comparison.

~~~
johncolanduoni
This attack doesn't involve a login password. It's a pre-shared key. If you
have the hash, you can both connect and decrypt the connections of others.

If it was only needed for comparison, the plaintext password shouldn't even be
in a database.

~~~
mikegerwitz
> Brian Waters, another security researcher, tested BENIGNCERTAIN on his own
> hardware and managed to obtain the VPN's password, also known as a preshared
> key.

> On Friday, he tweeted a message of the output from his test, which revealed
> his test password of “password123” among a list of two other possibilities.

A password and a pre-shared key can mean the same thing depending on context.
Regardless of what it is, the value in memory should not be able to be used
externally to log into the system. The article references
"password123"\---that should not be recoverable from memory.

------
kchoudhu
Shadow Brokers => Mass Effect fans?

Can't say I approve of these tools being leaked, but you have to admire their
style.

~~~
Florin_Andrei
> _Shadow Brokers = > Mass Effect fans?_

Well, if you're familiar with that fictional universe, the name they chose for
themselves definitely makes sense.

------
microcolonel
Is it legally dubious for a U.S. citizen to download that torrent?

~~~
dogma1138
I don't see on what grounds they can charge anyone. The documents are not
classified, they weren't claimed as official USG property by the NSA, and
downloading the torrent is any more or less illegal than reading the leaked
Snowden power points online.

~~~
sandworm101
> The documents are not classified

They are not marked as classified. That is something different than not being
classified. Any US person with any sort of national security-related job, or
any hopes of ever getting one, should think twice.

It's like having a stealth fighter crash in your back yard (this has
happened). The pieces are not marked as being classified, but selling them on
ebay isn't going to win you friends.

~~~
dogma1138
That could go also for reading the material released by Snowden not to mention
wikileaks.

But overall I don't think this would affect you having a security clearance in
the future, this isn't the first time leaks happened and I somehow doubt that
it would affect security screening.

You are asked a question along the lines of "have you been ever exposed to
classified information without having an explicit permission" if you say yes
it was on cover of the goddamn washington post they can't do much.

Saying that it was leaked all of the internet, reported by 100's of news
sources, fully analysed and you've looked at it yourself to see if you can
learn anything from it isn't going to hurt you either.

But overall this isn't like a stealth fighter crashed in your backyard, it's
like a stealth fighter crashed in China, they reverse engineered it, mass
produced it, it was reviewed by everyone on the planet and you got one to try
it out.

~~~
sandworm101
Or, if you torrent these files, the question "have you ever passed classified
materials to someone not authorized to receive them?"

>reported by 100's of news sources

That really doesn't matter for many people. Anyone with any links whatsoever
to the US military (a large chunk of the US population, including retirees) is
bound by orders not to read classified material despite it being all over the
newspapers/CNN. This was and still is a big deal re the Snowden material.

~~~
acqq
The Snowden material had these "SECRET" or "TOP SECRET" tags on every page (as
seen on TV, of course!) This software tools, however, probably don't have
anything like this, as, if I understand correctly, they are the binaries that
should look "innocent" and fully unrelated to the US organizations in any
event they are discovered, as some of them were already discovered with
Stuxnet and similar events.

So I don't even see how they can be considered "classified" if the US doesn't
officially admit they produced them. As far as I understand, there's nothing
that carries their signs or any other such marks (like "top secret US
government property").

For the reference, the production of Stuxnet by the US was never officially
admitted. So you still don't have to answer you've seen something declared as
secret by the US if you've seen a report about Stuxnet. And I honestly don't
expect the US will soon admit the production of it officially. Unofficially,
sure, there's that NYT article reporting what some "American officials" said.

------
micro_softy
IPsec.

