/tech/ - Technology

Where proprietary software comes to die



VAULT 7 YEAR 0 = CIA HACKING OPERATIONS REVEAL 2013-2016 Anonymous 03/07/2017 (Tue) 14:19:37 No. 8168
https://wikileaks.org/ciav7p1/

>tfw you were born in just the right time to learn about the CIA's hacking capabilities

It turns out the CIA has a bigger hacking operation than the NSA.

I'm sure Trumpcucks will use this to take down the old guard and build a new, as Jewish as ever guard, but still, it's interesting and educational.


Anonymous 03/07/2017 (Tue) 14:23:22 No. 8169
Especially relevant is that the CIA has automated tools to attack even Linux routers, so let's use this info to develop more secure ones.

https://wikileaks.org/ciav7p1/#HIVE

>HIVE

>HIVE is a multi-platform CIA malware suite and its associated control software. The project provides customizable implants for Windows, Solaris, MikroTik (used in internet routers) and Linux platforms and a Listening Post (LP)/Command and Control (C2) infrastructure to communicate with these implants.

>The implants are configured to communicate via HTTPS with the webserver of a cover domain; each operation utilizing these implants has a separate cover domain and the infrastructure can handle any number of cover domains.

>Each cover domain resolves to an IP address that is located at a commercial VPS (Virtual Private Server) provider. The public-facing server forwards all incoming traffic via a VPN to a 'Blot' server that handles actual connection requests from clients. It is setup for optional SSL client authentication: if a client sends a valid client certificate (only implants can do that), the connection is forwarded to the 'Honeycomb' toolserver that communicates with the implant; if a valid certificate is missing (which is the case if someone tries to open the cover domain website by accident), the traffic is forwarded to a cover server that delivers an unsuspicious looking website.

>The Honeycomb toolserver receives exfiltrated information from the implant; an operator can also task the implant to execute jobs on the target computer, so the toolserver acts as a C2 (command and control) server for the implant.

>Similar functionality (though limited to Windows) is provided by the RickBobby project.
See the classified user and developer guides for HIVE.
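
The quoted description has implants presenting a TLS client certificate to a cover domain that everyone else reaches without one. The following is an added detection sketch, not part of the post or of the leaked material: it scans TLS session logs for internal hosts that present a client certificate to a server outside an allowlist. It assumes a Zeek sensor writing JSON `ssl.log` records with the `client_cert_chain_fuids` field and TLS 1.2 or earlier (in TLS 1.3 the client certificate is encrypted and not visible on the wire); the sample records, host names and allowlist are constructed.

```python
import json
from collections import defaultdict

# Constructed Zeek ssl.log records (JSON format); all hosts and names are made up.
SAMPLE_SSL_LOG = """
{"id.orig_h": "192.168.1.1", "server_name": "cover-site.example", "client_cert_chain_fuids": ["FaB1"]}
{"id.orig_h": "192.168.1.50", "server_name": "cover-site.example"}
{"id.orig_h": "192.168.1.50", "server_name": "news.example"}
{"id.orig_h": "192.168.1.60", "server_name": "vpn.corp.example", "client_cert_chain_fuids": ["FcD2"]}
{"id.orig_h": "192.168.1.1", "server_name": "cover-site.example", "client_cert_chain_fuids": ["FaB1"]}
"""

# Assumed allowlist: services where this site legitimately uses mutual TLS.
KNOWN_MTLS_SERVERS = {"vpn.corp.example"}


def client_cert_findings(log_text, allowlist=KNOWN_MTLS_SERVERS):
    """Group outbound TLS sessions by SNI and report unexpected client-cert use."""
    with_cert = defaultdict(set)
    without_cert = defaultdict(set)
    for line in log_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        rec = json.loads(line)
        # Fall back to the responder IP when the session carried no SNI.
        server = rec.get("server_name") or rec.get("id.resp_h", "unknown")
        bucket = with_cert if rec.get("client_cert_chain_fuids") else without_cert
        bucket[server].add(rec["id.orig_h"])
    findings = {}
    for server, clients in with_cert.items():
        if server in allowlist:
            continue
        plain = without_cert[server] - clients
        findings[server] = {
            "cert_clients": sorted(clients),
            # Other hosts reaching the same name without a certificate means
            # the server treats client authentication as optional.
            "plain_clients": sorted(plain),
            "optional_auth": bool(plain),
        }
    return findings


if __name__ == "__main__":
    for server, info in client_cert_findings(SAMPLE_SSL_LOG).items():
        print(server, info)
```

A router or other appliance showing up under `cert_clients` for a name that workstations browse without a certificate is the pattern worth triaging first.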


Anonymous 03/08/2017 (Wed) 07:20:26 No. 8171
>>8169
Interesting. I wonder what their exploit is to allow that level of access across all those platforms? Intel ME/AMD PSP in action?


Anonymous 03/09/2017 (Thu) 19:32:00 No. 8178
>One of the notable disclosures is that Assange will share details on the CIA's hacking tools with the tech industry before releasing them to the general public. The WikiLeaks founder said he has much more detailed information about CIA hacking techniques and will allow tech companies access so they can "develop fixes" before the information is more widely published.

http://www.zerohedge.com/news/2017-03-09/watch-live-wikileaks-holds-delayed-press-conference-cia-vault-7


