We've been busy squireling away on a much requested project - a commercial Snoopy offering. We've called it ShadowLightly, and we'd like to invite you to join the beta explorer program. We're going to offer ten 3-month trials to the site (you'd need to buy sensors / build your own), and in return we'd ask that you help us debug any issues. To apply, please email email@example.com - introduce yourself, and tell us a little about why you'd like to join the program.
To those who missed the Snoopy party: it's a distributed, tracking, profiling, and data interception framework. It's all open source and you can run your own setup for non-commercial purposes. Here's some more info:
How does this ShadowLightly thing work? You'd create an account on our ShadowLightly.com site, register your sensors, run your sensors uploading their data to our server, and then explore the data in both the website and in Maltego. We've built TDS transforms to query the remote data.
Here's a video which may explain it all better:
We're looking forward to working with you!
Hello from Las Vegas! Yesterday (ed: uh, last week, my bad) I gave a talk at DefCon 22 entitled 'Practical Aerial Hacking & Surveillance'. If you missed the talk the slides are available here. Also, I'm releasing a paper I wrote as part of the talk entitled 'Digital Terrestrial Tracking: The Future of Surveillance', click here to download it.
The Snoopy code is available on our GitHub account, and you can join the mailing list here. Also, congratulations to @AmandersLPD for winning our #SnoopySensor competition! You can see the output of our *amazing* PRNG in action below:
Part Type Link
Frame DJI F450 http://www.uavproducts.com/product.php?id_product=25
Flight Controller APM 2.6 https://store.3drobotics.com/products/apm-2-6-kit-1
ESCs DJI 30A http://www.dronesvision.net/en/dji-f330-f450-f550/365-dji-esc-30a-opto-brushless-speed-controller-for-f330-f450-f550.html
Motors DJI 920KV http://www.ezdrone.com/product/dji-2212920kv-brushless-motor/
Radio Turnigy 9x http://www.hobbyking.com/hobbyking/store/__8992__turnigy_9x_9ch_transmitter_w_module_8ch_receiver_mode_2_v2_firmware_.html
Radio TX HawkEye 1W http://www.aliexpress.com/item/433Mhz-HawkEYE-openLRSngTX-UHF-system-JR-Turnigy-compatible-and-433MHz-9Ch-Receiver/1194330930.html
Radio RX HawkEye 6ch http://www.aliexpress.com/store/product/DTF-UHF-6-channel-long-range-receiver-By-HawkEYE/933311_1511029537.html
FPV Camera Sony 600 http://www.tecnic.co.uk/Sony-600-TVL-CCD-Mini-Camera.html
Video TX 600mw http://www.hobbyking.com/hobbyking/store/__17507__immersionrc_5_8ghz_audio_video_transmitter_fatshark_compatible_600mw_.html
OSD Minimosd https://store.3drobotics.com/products/apm-minimosd-rev-1-1
HD Camera GoPro3+ Black http://gopro.com/cameras/hd-hero3-black-edition
Goggles SkyZone http://www.foxtechfpv.com/skyzone-fpv-goggles-p-1218.html
FC GPS uBlox GPS https://store.3drobotics.com/products/3dr-gps-ublox-with-compass
Lost quad GPS Fi-Li-Fi http://uavision.co.uk/store/index.php?route=product/product&product_id=54
Payload BeagleBone Black https://github.com/sensepost/snoopy-ng
SensePost today is proud to announce the completion of a contract that will see the company recognized as the world's first “Approved Maltego Solution Provider” (AMSP) and the exclusive provider of this kind in the UK and Southern Africa.
SensePost was founded in 2000 and has developed into one of the worlds leading Information Security Services companies with offices in London, Cape Town and Pretoria. As trusted advisors it has always been our mission to provide our customers with insight, information and systems to enable them to make strong decisions about Information Security that support their business performance. Whilst this mission has traditionally expressed itself in technical security analysis services like Vulnerability Assessment and Penetration Testing we recognise that the threat landscape is constantly changing and that new and more complex realities necessitate the use of sophisticated new skills, tools and techniques with which to support our clients.
“This strategic alliance perfectly fits the ‘Assess-Detect-Protect-Respond' framework that drives the way we design, sell and deliver our service. It's the perfect evolution of our growing services offering.” says Etienne Greef, CEO of the SensePost group holding company SecureData, who's strategy is at the core of this new initiative.
‘Maltego', built by Paterva, is a powerful suite of software tools used for data mining, link analysis and data visualization, giving the user the ability to extract large volumes of data from diverse sources and then analyze it to understand the patterns and relationships it reveals. In the modern digital age these techniques are used to convert data into information and thereby extract concrete value that can be used for effective decision-making.
Maltego is a highly regarded and popular platform used extensively in Open Source Intelligence Gathering, Infrastructure Analysis for Penetration Testing, Cyber Attack Analysis, Fraud Detection and Investigation, Security Intelligence, Information Security Management, Research and more.
This partnership between SensePost and Paterva (who produce the Maltego software) builds on the companies' shared roots and intellectual heritage and will allow both companies to serve their customers and fulfil their respective missions better.
As an AMSP SensePost will be authorised to provide integration, consulting, support and training for the Maltego tools with full endorsement, support and assistance directly from Paterva. This new capability, combined with an existing wealth of information security skills and experience, uniquely positions SensePost to advise and support clients seeking to exploit the unique strategic advantage the Maltego toolset can offer.
It was originally released as a PoC at 44Con 2012, but this version is a complete re-write, is 99% Python, modular, and just feels better. The 'modularity' is possibly the most important improvement, for reasons which will become apparent shortly.
We've also made it much easier to run Snoopy by itself, rather than requiring a server to sync to as the previous version did. However, Snoopy is still a distributed framework and allows the deployment of numerous Snoopy devices over some large area, having them all sync their data back to one central server (or numerous hops through multiple devices and/or servers). We've been working on other protocols for data synchronisation too - such as XBee. The diagram below illustrates one possible setup:
|ZigBee||Digi Xbee||1km to 80kms|
The distances can be increased with appropriate antennas. More on that in a later blog post.
git clone https://github.com/sensepost/snoopy-ng.git
1. To save data from the wireless, sysinfo, and heartbeat plugins locally:
snoopy -v -m wifi:iface=wlanX,mon=True -m sysinfo -m heartbeat -d <drone name> -l <location name>
snoopy_auth --create <drone name> # Create account
snoopy -v -m server # Start server plugin
snoopy -v -m wifi:iface=mon0 -s http://<server hostname>:9001/ -d <drone name> -l <location name> -k
There sure is a lot of stunt hacking in the media these days, with people taking existing hacks and duct-taping them to a cheap drone for media attention. We were concerned to see stories on snoopy airborne take on some of this as the message worked its way though the media. What's the benefit of having Snoopy airborne, then? We can think of a few reasons:
Wireless hacking, you say?
You may think wireless hacking is nothing new, and you may think it's just not that relevant or exciting. Come along to our BlackHat Wireless Bootcamp course and we'll show you different! We'll teach you the fundamentals every wireless hacker needs to know, but then move onto the really exciting, cutting edge stuff.
Cutting edge WiFi hacking, you say?
At SensePost we really enjoy wireless hacking - mostly because it gets us good results in terms of compromising our targets! With our years of experience in this area we've written our own tools, as well as refined others. In this course we'll reveal new techniques and tools (can you smell 0day?) that we'll hopefully be presenting at the conference, and give you exclusive hands on training with our very own Snoopy framework (a distributed, tracking, data interception, and profiling framework). Two lucky students who capture our CTFs will also go home with pre-built Snoopy drone. Every student will also get their own Alfa WiFi card to take home, as well as the latest Snoopy pre-release (Snoopy will run fine on your laptop too).
Here's an exact break down of what to expect from this course:
• Wi-Fi theory and background
• Breaking WEP
• Breaking WPA PSK
• Man in the middle attacks for WPA MGT (new attack vectors)
• Breaking WPS
• Wi-Fi Router back doors
• Rogue Access Points attack scenarios (new attack vectors)
• Exclusive Snoopy training
Who should attend?
Anyone interested in WiFi security. The course is relevant for both attackers and defenders (it'll let you put your defense into context). Students should have some technical ability in Linux, and understand networking fundamentals, but this is a bootcamp level course.
Dominic (@singe) and Glenn (@glennzw) will be your instructors. They're both avid wireless hackers, and never leave home without a high gain antenna and an Alfa card! They're looking forward to training you. You can find the sign-up page here.
-Glenn & Dominic