Comments on: Pwned @ hack.lu?

By: Didier Stevens

Didier Stevens — Mon, 29 Oct 2007 11:43:18 +0000

That’s my Nokia N800, more pics here: http://blog.didierstevens.com/2007/06/05/omg-my-n800-is-infected/

By: uber

uber — Sun, 28 Oct 2007 17:59:47 +0000

Nice GUI. What’s that? Seems like Vista but…

By: Hackers Blog » Blog Archive » Security conference attendees fall victim to man-in-the-middle hack

Mon, 22 Oct 2007 12:11:52 +0000

[...] witnessed a man-in-the-middle attack on the TLS at hack.lu (a hacker/security conference held in Luxembourg) [...]

By: tlr

tlr — Sun, 21 Oct 2007 09:48:30 +0000

My bet is on ettercap, since the attacker used the default public key that is shipped with that piece of software — but of course that’s not proof.

Evidence and a bit of analysis are here:
http://log.does-not-exist.org/archives/2007/10/20/2144_hacklu_mitming_a_room_full_of_security_people.html

By: achtung!

achtung! — Sun, 21 Oct 2007 03:10:07 +0000

Yeah, there’s a way to create a fake certificate using Cain & Abel. Then you get a “secure” connection to the owner of the false certificate so you transmit your password

By: Benny K

Benny K — Sat, 20 Oct 2007 23:33:30 +0000

Here is an analysis
http://log.does-not-exist.org/archives/2007/10/20/2144_hacklu_mitming_a_room_full_of_security_people.html

By: Noah

Noah — Sat, 20 Oct 2007 23:01:14 +0000

Someone used Cain & Abel in APR mode between the gateway and it’s users…?

By: Benny K

Benny K — Fri, 19 Oct 2007 23:36:36 +0000

And still a lot of people clicked through (they told me). I also saw it and I checked the name and the CA and it seemed fine. The analysis from someone in the public on the beamer was breathtaking.

And a lot of people in the audience were security professionals. I guess no one is perfect. It was a devious attack.