Internet trick

How To Hack Satellite Internet & Surf Anonymously
1 Comments
A Spanish researcher demos new satellite-hijacking
tricks with cybercriminal potential.
Satellites can bring a digital signal to places where the
Internet seems like a miracle: off-the-grid desert solar
farms, the Arctic or an aircraft carrier at sea. But in
beaming data to and from the world’s most remote
places, satellite Internet may also offer its signal to a
less benign recipient: any digital miscreant within
thousands of miles.
In a presentation at the Black Hat security conference in
Arlington, Va., Tuesday, Spanish cybersecurity
researcher Leonardo Nve presented a variety of tricks for
gaining access to and exploiting satellite Internet
connections. Using less than $75 in tools, Nve, a
researcher with security firm S21Sec, says that he can
intercept Digital Video Broadcast (DVB) signals to get
free high-speed Internet. And while that’s not a
particularly new trick–hackers have long been able to
intercept satellite TV or other sky-borne signals–Nve
also went a step further, describing how he was able to
use satellite signals to anonymize his Internet
connection, gain access to private networks and even
intercept satellite Internet users’ requests for Web pages
and replace them with spoofed sites.
“What’s interesting about this is that it’s very, very
easy,” says Nve. “Anyone can do it: phishers or Chinese
hackers … it’s like a very big Wi-Fi network that’s easy
to access.”
In a penetration test on a client’s network, Nve used a
Skystar 2 PCI satellite receiver card, a piece of hardware
that can be bought on eBay ( EBAY – news – people )
for $30 or less, along with open source Linux DVB
software applications and the network data analysis or
“sniffing” tool Wireshark.
Exploiting that signal, Nve says he was able to
impersonate any user connecting to the Internet via
satellite, effectively creating a high-speed, untraceable
anonymous Internet connection that that can be used for
nefarious online activities.
Nve also reversed the trick, impersonating Web sites
that a satellite user is attempting to visit by intercepting
a Domain Name System (DNS) request–a request for an
Internet service provider (ISP) to convert a spelled out
Web site name into the numerical IP address where it’s
stored–and sending back an answer faster than the ISP.
That allows him to replace a Web site that a user
navigates to directly with a site of his choosing,
creating the potential for undetectable cybercrime sites
that steal passwords or installs malicious software.
In his tests on the client’s network, Nve says he was
also able to hijack signals using GRE or TCP protocols
that enterprises use to communicate between PCs and
servers or between offices, using the connections to
gain access to a corporation or government agency’s
local area network.
The Barcelona-based researcher tested his methods on
geosynchronous satellites aimed at Europe, Africa and
South America. But he says there’s little doubt that the
same tricks would work on satellites facing North
America or anywhere else.
What makes his attacks possible, Nve says, is that DVB
signals are usually left unencrypted. That lack of simple
security, he says, stems from the logistical and legal
complications of scrambling the signal, which might
make it harder to share data among companies or
agencies and–given that a satellite signal covers many
countries–could run into red tape surrounding
international use of cryptography. “Each [country] can
have its own law for crypto,” says Nve. “It’s easier not
to have encryption at the DVB layer.”
Nve isn’t the first to show the vulnerability of
supposedly secure satellite connections. John Walker, a
British satellite enthusiast, told the BBC in 2002 that he
could watch unencrypted NATO video feeds from
surveillance sorties in the Balkans. And the same lack of
encryption allowed insurgents to hack into the video
feed of unmanned U.S. drone planes scouting
Afghanistan, the Wall Street Journal reported in
December.
In fact, the techniques that Nve demonstrated are
probably known to other satellite hackers but never
publicized, says Jim Geovedi, a satellite security
researcher and consultant with the firm Bellua in
Indonesia. He compares satellite hacking to early phone
hacking or “phreaking,” a practice that’s not well
protected against but performed by only a small number
of people worldwide. “This satellite hacking thing is still
considered blackbox knowledge,” he wrote in an e-mail
to Forbes. “I believe there are many people out there
who conduct similar research. They may have some cool
tricks but have kept them secret for ages.”
At last year’s Black Hat D.C. conference, British
cybersecurity researcher Adam Laurie demonstrated how
he intercepts satellite signals with techniques similar to
Nve, using a DreamBox satellite receiver and Wireshark.
But Nve argues that his method is far cheaper–Laurie’s
DreamBox setup cost around $750–and that he’s the
first to demonstrate satellite signal hijacking rather than
mere interception.
“I’m not just talking about watching TV,” says Nve. “I’m
talking about doing some very scary things.”
At 12:57 PM, satellite_hacker said…
Satellite hacking for fun isn’t cheap! One of the sessions
I was really looking forward to ahead of the Black Hat
DC event this year was Adam Laurie’s session titled –
Satellite Hacking for Fun and Profit.
It’s a session that didn’t disappoint, Laurie is always
entertaining, but it also revealed how much effort is
actually required to try and get at satellite signals.
First off, Laurie prefaced his talk by noting that he
wasn’t going to talk about hacking the actual satellite in
space itself.
“I’m playing it safe and just looking at what is coming
down,” Laurie told the Black Hat audience.
Instead what Laurie focused his talk on was something
he called ‘Feed Hunting’ – that is looking for satellite
feeds that are not supposed to be found. Laurie claimed
that he has been doing satellite feed hunting for years –
at least as far back as the untimely demise of the late
Princess Diana in 1997. Laurie claimed that he was able
to find a non-public feed from a TV broadcaster that had
left their transponder on in a Paris hotel room.
Fast forward a dozen years and Laurie commented that
the technology to identify satellite feeds has progressed
dramatically. Among the reasons why he satellite feed
hunting has gotten easier is an open source based
satellite received called the dreambox.
Laurie explained that the dreambox has a web interface
that makes it easier to find streams and provides
information on what the stream includes. Another open
source technology also helps to feed hunt satellite
content.
A project called dvbsnoop is a DVB (dIgital video
broadcasting) and MPEG stream analyzer that lets the
user access raw data from DVB card. By sifting through
the raw data, Laurie demonstrated that interesting
satellite feeds that weren’t intended to be public could
be found.
Going a step further, Laurie claimed that he had created
his own python based script called dreaMMap that could
create a 3d model of satellite frequency transmissions.
With the 3D model the user just does a point and click
to steer dish to a particular satellite frequency. One
memory of the Black Hat audience asked Laurie if what
he was doing was legal. Laurie shrugged and
commented:
“I’m in the US giving a talk where I’m tunneled to my
server in the UK and looking at a satellite in space that
is over Africa – so who would get me?”
All told there is a financial cost to Laurie’s satellite feed
hunting techniques – and that cost is approximately
$785 for the Dreambox hardware, the actual satellite dish
and then the motor and the mount for the dish. Well I
guess if you’ve got the money to burn…
SOURCE: Satellite Internet Blog
Related posts:
More Related Post on Sidebar
1. How to secure your computer and surf fully Anonymous
BLACK-HAT STYLE
2. Hack Like a Pro: How to Exploit and Gain Remote Access
to PCs Running Windows XP
3. How We Found the File That Was Used to Hack RSA
4. Timelapse: A Satellite’s Trip Around the World
5. Internet Giants Enlisted for Government Surveillance
By Archive