The Blog of Tom Webster
Chronic Ranter, Reviewer, and Developer. I speak only for myself, opinions are my own.
I'm leaving GitHub for GitLab. All project references on this site have been changed to reflect their new home. All GitHub-hosted code gists have been replaced with locally-highlighted code snippets.
The reasons for this are three-fold:
I've been working for a while on re-doing my site. I've decided to move from Octopress to Jekyll for a variety of reasons. Octopress v2 had some well documented shortcomings, but it honestly was a fantastic intoduction to Jekyll and flat-file sites. I really love what Octopress is and how it introduced me to generating flat file sites, but I've outgrown it. I've moved fully to Jekyll, and as always you can grab all the source code here.
If you find any errors, bugs, or want to make something better, I do accept merge requests, so have at it.
You can find the talk materials and slides right here.
My latest mini-project involves deauth attacks of a portable nature. I give you, the Wifi Grenade. Just be warned, this talk is juvenile, script-kiddieish, and probably irresponsible. In this post, I'll show you how to build it.
To cover myself, I have to warn you of some things:
First, go shopping, you'll need some things (Amazon referral links below).
[$50] Raspberry Pi 2 Model B with case
[$6] 8GB Micro SD Card
[$40] Alfa Wireless Card (G/N 2W)
[$40] Anker 16000mah Battery
When you have all of your gear, let's get the OS installed:
I'm using Arch Linux ARM for my Pi, follow the instructions
here to
get the base OS installed, then run your updates with pacman -Syyu.
Next run pacman -S scapy iw wireless_tools git to pull the required
tools and libraries.
Next, clone Dan McInerney's fantastic Wifi Jammer script from GitHub. This will put the code into a directory called "wifijammer".
git clone https://github.com/DanMcInerney/wifijammer
Next, we have to set an auto-login. Create
/etc/systemd/system/getty@tty1.service.d/override.conf with the
following contents:
[Service]
ExecStart=
ExecStart=-/sbin/agetty --autologin root --noclear %I 38400 linux
Next, we have to set the jammer to run on boot. The simplest way to do
this is with .bashrc, modify the contents with the following:
exec /usr/bin/python2 /root/wifijammer/wifijammer.py -a 11:22:33:44:55:66
Now your system will boot directly into the root user and start the wifi
jammer. By default, the jammer is set to only jam 11:22:33:44:55:66.
Modify this script to specify which network you would like to jam.
Without -a, wifijammer.py will jam any and all networks it comes
across, be careful and only attack networks you are legally allowed to.
I've put up a document archive for all of the EFFs NSA documents. You can download the entire zip file in one click, no BS. I've signed it with my public key so you can verify it's legit. Head over this way for the details and mirroring instructions.
As some of you know, I co-host Security:inThirty with Chaim Cohen. We get emails from time to time from listeners with questions, comments, and stories. One frequent listener informed us about a very strange security problem they were running into with Google Drive: They can access someone else's files, even though they haven't this user hasn't shared anything with them.
As strange as this issue seems at first glance, I couldn't dismiss it as user error, as I had seen the same thing once in the past myself, and have read about it happening in a few other instances. The user in question is Gunnar Haid, he's technically apt and security aware. This isn't user error (at least on his part), and I doubt this is human error by the other user either (more on this in a bit). This problem isn't widespread (as far as I can tell), but other Drive permissions bugs have been very prevalent in the community (such as being unable to delete files you own).
I was sent an email thread and several screenshots detailing the problem. I am not releasing either in the interest of privacy (most screenshots would need to be heavily censored, removing the point of posting them). The first thing Gunnar did was contact Google support, the right move. One support rep was convinced that the other user had marked their files as "public on the web", this is not the case. Gunnar has provided screenshots showing file permissions that list only the owner has access and that link sharing is disabled. Gunnar was then passed around to a couple other support reps, running in circles trying to explain the same issue, to no avail. As it stands today, Google requested (and has received) screenshots, but has not responded to the issue since October 1st 2014.
The user in question who is having their data leaked by this bug is very technical as well. They have several websites and work in a tech-based field. The filenames also lend me to believe this person is very technical and working with advanced tech (for non-tech people, anyway). For obvious reasons, I can't go into personal details beyond that, but needless to say, this user is also very technically apt.
This isn't a case of user error, this looks like a pretty serious bug that Google needs to take a hard look into. The big issue here is someone's files are completely accessible by someone else who has no relation to the user. Our show has a small (but dedicated) following and it makes me wonder how widespread this issue is. It doesn't seem widespread, but I have no way of knowing for sure. If Google would comment on the issue, I'll be more than happy to post the response, at the moment, I'm only concerned with getting this fixed and figuring out why it happened in the first place.