What is Amazon Alexa?

Amazon’s Alexa is an intelligent personal assistant that is capable of many things, such as “voice interaction, music playback, making to-do lists, setting alarms, streaming podcasts, playing audiobooks, and providing weather, traffic, and other real time information, such as news”. Alexa is also compatible with a wide variety of other home automation products and hopes to be the main hub where commands are issued. Most devices allow wake words like “Echo” to be used, while some others require buttons to be pushed or tapped.


The image above shows Amazon’s main Echo lineup, but does not include the Echo Show, Dash Wand, and Echo Look. Many third-party manufacturers also create devices that the Alexa voice platform can run on.

Just like your phone, Alexa can become smarter through the addition of apps, otherwise known as skills. They can add lots of interesting functionality and improve the user experience greatly. Skills are made using the Alexa Skills Kit, which is publicly available to anyone looking to develop for it.

Home automation is also a big feature that Alexa has. It can interface with products from a wide variety of manufacturers, including Belkin Wemo, ecobee, IFTTT, Insteon, LIFX, LightwaveRF, Nest Thermostats, Philips Hue, SmartThings, Wink, and Yonomi.

If you have an Android phone, you can use Tasker or IFTTT in order to control parts of your house with Alexa. You can see me turning on my computer with no additional hardware with these two services in a previous post.

As you can see, Alexa is a growing platform with unlimited potential, and it needs more and more developers in order to improve. I suggest you go to https://developer.amazon.com/alexa-skills-kit/tutorials if you wish to learn how to build your own personalized skill.

Cybersecurity Hacking Topics

This month I taught a cyber security class that had two sessions, each a week long. In both of them we went over the topics listed below…

  • Setting up a virtual machine
  • Booting a Linux distro designed for penetration testing/hacking (Kali-Linux)
  • Using an external wireless card (TP-Link TL-WN722N)
  • Putting the wireless card into monitor mode with airmon-ng, scanning for networks using airodump-ng
  • Capturing a WPA handshake by deauthenticating all devices
  • Navigating Linux filesystem and starting Fluxion shell script
  • Using pyrit to check a WPA handshake and hostapd to spoof/duplicate a network
  • Using SSL and launching a webserver in the background to capture passwords/check them against the handshake with aircrack-ng
  • Scanning a network to see all available devices with cSploit and nMap
  • Performing Man in the Middle attacks and session hijacking with cSploit, NetCut, and Network Spoofer
  • Different types of network security – WEP, WPA, WPA2
  • Dangers of keeping WPS enabled on your router
  • Password managers and their importance to keep you safe online
  • Security patches and updates to safeguard from viruses and ransomware
  • Router settings (often 192.168.1.1) and changing its default password to something more secure
  • AdBlock and HTTPS everywhere extension to avoid insecure connections
  • Importance of backing up computers in case of hardware failure or virus attack
  • Creating a guest SSID in order to create a wall between personal devices and foreign devices
  • Updating all browsers to newest version to not be vulnerable on the web
  • Importance of 2 factor authentication on main accounts
  • Identifying and avoiding phishing attempts
  • Using a VPN on public WiFi networks
  • DNS and what it's used for
  • How to set up an alternative DNS service (OpenDNS) and block/filter certain content and sites
  • Changing router settings to replace DNS and add port forwarding or blocking
  • Using Wake-On-Lan to turn on a PC remotely
  • Using the Metasploit framework to deploy a Trojan APK to an Android device
  • Setting up a reverse HTTPS listener and waiting for the app to connect to launch meterpreter
  • Using various meterpreter commands to control the device remotely
  • Using the Metasploit GUI, Armitage, in order to run exploits against other machines
  • Hail-Mary attack to try all possible exploits to gain access to meterpreter
  • Learned about online anonymity through the Tor onion routing protocol and the use of online decentralized cryptocurrency
  • DDOS and DOS attacks with LOIC (Low Orbit Ion Cannon)
  • Brute force online logins with Burp Suite

I think it was a rewarding experience for me as a teacher and I hope I inspired more kids to take on ethical hacking.

 

Google’s SafetyNet API on Android

SafetyNet is an API created by Google to assess the quality of a device and whether it has been tampered with. For example, it checks if the device is running a custom ROM or has root access.

Any device that comes preloaded with the Google Play Store and other apps must pass a test known as the Compatibility Test Suite, or CTS. Rooting or installing ROMs breaks this and makes your device fail the test. Many banking/secure apps check the validity of this in order to run, making it very important.

Google Play Services downloads a program that runs in the background called “snet” which sends data back relating to the device’s status. It most likely checks for a modified system partition.

This SafetyNet restriction only works if developers integrate it into their apps, meaning many won’t even check for its presence. One example of an app that does, however, is Android Pay. It checks for and detects the presence of tampering to block the use of sensitive payment data.


There are many unofficial ways to try and bypass this using apps such as Magisk, which are useful for hiding the superuser binary and not triggering a CTS profile mismatch.

Although SafetyNet is very beneficial to Android’s overall security, it is causing people who root their phone to find other ways to get around the restrictions. This leads to an endless cat and mouse game between Google and people who like messing with their phones.

Aircrack-ng Wi-Fi Cards and Packet Injection

Aircrack-ng is a tool that can be used to hack Wi-Fi networks and recover their passwords. In order to do this, you will often need an external wireless card that supports packet injection.


Each operating system is different, meaning some have more limitations than others. Linux, for example, is capable of injection and listening to network traffic. Windows is only capable of listening to the traffic, which is a software limitation.

Picking the right card is dependent on personal requirements, such as what interface to use and how much range you need. USB is the most common, and can be used even when mounted into a virtual machine. Each card also has two manufacturers, the brand of the card and the chipset maker. Brands can include Linksys, TP-Link, Belkin etc., while the two biggest chipset makers are Atheros and Realtek.

The chipset manufacturer is crucial to know because it is what lets you know if your operating system is supported and there are proper drivers for it.

Here is a list of cards that are supported and have been tested to work: https://www.aircrack-ng.org/doku.php?id=compatibility_drivers#which_is_the_best_card_to_buy

Personally, I have the TP-Link TL-WN722N, which is very popular and only about 10-15 dollars, making it very accessible, and it can help you improve your skills greatly: https://www.amazon.com/TP-Link-N150-Wireless-Adapter-TL-WN722N/dp/B002SZEOLG

Using these cards in a Linux VirtualBox environment is also very important; all you have to do is enable the card in the USB filter settings.


As you can see, the Wi-Fi card you select is very important, as it extends the functionality and features you have access to in your penetration testing environment. Always make sure to see if it is compatible before buying, and don’t do anything illegal with it.

Ransomware and Wannacry

Ransomware is a “type of malicious software that carries out the cryptoviral extortion attack from cryptovirology that blocks access to data until a ransom is paid and displays a message requesting payment to unlock it”. Due to the complexity of this malware, it is almost always impossible to recover your files without paying the amount of money they state. The encryption methods are very strong and will delete all the data if you don’t pay in a certain time frame.

Some of the most well known ones include Cryptolocker, CryptorBit, and more recently, Wannacry. All of these work in similar fashion, locking files and demanding payment.

In current events, Wannacry has been very prevalent in the news for affecting the National Health Service in the UK. The malware spread from one Windows computer to another through an FTP vulnerability. This was patched by Microsoft already, but the operating systems on the affected computers were not up to date.

A few hours after this malware went viral, a researcher dug through the code and found that there was a kill switch connected to a domain name. He went ahead and registered it, effectively stopping the malware from being activated.

Although it has temporarily been stopped, it has continued to exist, as there are new versions with the kill switch removed that are being spread very quickly.

As a consumer, you should make sure all your Windows computers are up to date with the patches and be aware of what links you visit and websites you go to. If you are already affected, make sure to disconnect from your network so it doesn’t spread. Also, you shouldn’t pay the ransom because oftentimes you will not even receive the decryption key due to how busy they are.

Lockheed Martin Codequest 2017

Recently, my friends and I went to Lockheed Martin to participate in a national coding competition called Codequest. It is open to all high school students and the main objective is to solve as many coding problems as you can within 2.5 hours. They provide you with a packet filled with about 15-20 problems with varying point values.

The team then needs to divide its time among all of them and decide whether it is capable of completing the ones it chooses. Another thing is that you have no access to the internet and are allowed only one book of information. You can code in either Java or Python, but a majority used Java.

Most of the problems are very logical and require a lot of math and basic programming such as using loops and splitting/parsing strings because the output has to be perfect with no errors. Even one spelling mistake can cause the PC2 program to give you an error. Due to this issue, we took too much time on one question trying to find the error. Eventually we did at the last minute, but we wasted many opportunities to get more points.

The judges have their own list of inputs and predicted outputs that they run against your program, so you can’t hard code any of the program. Once you submit your program to run, you get an instant report on whether it ran successfully or if you need to try again.

In the end, we managed to get two of our problems to run successfully, which got us 3rd place in the novice competition. Next year we hope to get 3rd in the Advanced division and to practice our skills more.


Using a VPN or Tor on Android

Both VPNs and the Tor network can be used to protect your online traffic and keep others from getting your real identity.

Setting up a VPN on Android is a fairly simple process. Searching for free VPNs in the Play Store will yield hundreds of results. The one I use, however, is called Hotspot Shield, and it will work on most as it has been upgraded to use SSL, which can bypass many filtering services.


The app is very user friendly and only has one big button in the middle. After clicking it for the first time, you will be greeted with a connection request dialog you must accept. After this, you will be connected to a random server around the world, often in the same country. To connect to other countries, you will need to pay for Elite, which will give you more options and servers you can choose.

There are many other VPN services available, paid or free. Each has pros and cons, but all aim to serve the same purpose.

Tor is very different from a VPN because it can be used to randomize your connection every few minutes. This is secure as well, but can be significantly slower because your traffic travels through many servers, rather than just one.

Once you click start, you can enable Tor for just the browser, or run your whole device and its apps through it. This uses the VPN feature of your phone to work, but is very flexible due to the wide variety of options.

With root access, you can transparently proxy your whole phone, making it even more anonymous and hard to detect. Also if the network you are on or country you live in is censoring your connection, you can use various bridges and alternate paths to still connect to the network.

Both VPNs and Tor can be beneficial when you are using your phone on public networks or if you need to access blocked content or services. They serve as a way to battle internet censorship and can allow access to things only available in certain countries. Tor is also open source, meaning you can take a look at its code and can compile your own version of it to use.

Creating a bootable USB drive with Rufus

A bootable USB drive is a standalone drive that a computer can boot from or use to install an operating system. If you have ever needed to install Windows on a new computer, this is the way to do it.

A tool called Rufus for Windows allows you to burn .ISO images to a drive and make it bootable. There are various images that you can download, including Windows, Linux, Mac etc.

For demonstration purposes, I have an .ISO for a popular disk partitioning software (GParted) which I am going to boot as a Live CD. This allows the computer to run directly from the drive with no installation. After inserting a flash drive with a high enough storage capacity and backing up any data on it, you can open the rufus.exe file.


After this, select the USB device from the Device dropdown section. Choose your Partition scheme and target system based on your computer’s BIOS. Name the volume label and then select your ISO image. After you have done it all, you can click START.


If you get a message like this, select ISO image mode and click OK.


Be sure you have no files that you need and then click OK because all your data will be erased.

After the bar is completely green, shut down your computer and then press the F8, F11, or F12 key, as it varies. Try all of them to see which one works. Then select your newly created drive from the screen.

Once you do, you are free to do whatever you want in the Live CD environment or to install your OS.


This is a very useful tool and can be used for troubleshooting your PC or to use special software that needs to be run directly, not on top of an OS.

What is a USB OTG cable?

A USB OTG cable or adapter is a small dongle that allows you to plug full-size USB devices into your phone or tablet. On Android, this can serve many purposes and expand your device's functionality.

This is a USB C to USB Female adapter that can be plugged into your device.

File Transfer

One of the most useful is to transfer files from your phone to a USB stick or the other way around. This is useful for reading media off another drive and not using your device's internal memory. Using a hard drive, you can effectively add multiple terabytes of storage that your phone can read and play back.

Charging other devices

As you can see from the image above, you can also charge other devices using your phone’s internal battery. For example, if your tablet was fully charged and your phone was running low, you could transfer some power over to it.

Connecting a mouse and keyboard

By connecting a mouse and keyboard, you can navigate throughout your device while also being more productive if you are trying to type an essay or email. Also, if your phone screen ever cracks and is unresponsive, you can use a mouse to save your important files or until you can replace your screen.

This is a GIF of a mouse connected to a phone and navigating around it.


Playing games with an external controller

If you have games that support it, you can easily plug in a wired Xbox or PS controller to play the game. This can emulate the feel of having a console and can make gameplay much smoother. Many Android emulators for older consoles and handhelds can map the buttons to whatever in-game action you would like.

This is Minecraft Pocket Edition running on a tablet with a controller attached.


While these are some of the main functions, there are many others such as…

  • MIDI device to make music
  • Control DSLR cameras
  • Connect an ethernet cable
  • Use a USB based camera
  • Use USB accessories that require power, like an LED or Fan

A cable for your device can be found on sites such as Amazon or eBay. In the end, buying a simple $5 cable or dongle can greatly improve your experience with Android and the way you use your device, so I highly recommend it.

Turning on your computer with voice: Alexa and IFTTT

Amazon Alexa is a powerful voice assistant that is capable of connecting to services such as IFTTT, which allows you to “create chains of simple conditional statements”. This allows you to do many things by connecting your voice to various other web services. To turn on your PC, however, you need a couple of things.

Once you get all of these, open the IFTTT app and enable this applet. You also need to connect your Amazon account by signing in.


After this, open the Wake on Lan app and add your device from the list, or enter the MAC and IP address manually.


Then, follow these steps to configure the router to be able to send magic packets to wake your computer: HowToGeek.

After that’s done, shut down your computer and test it through the Wake On Lan app. If it turns on, then you have done everything successfully and can proceed to the Tasker setup.

Once you open Tasker, you need to navigate to the Tasks panel and then click the plus button at the bottom. After naming it (Alexa WOL), you click the plus, Plugin and then Wake on Lan. Choose your computer from the list and then back out of the menu.

Swipe to the leftmost panel (Profiles), and click the plus. From the list, choose Event, Phone, and then Received text. Enter the text: “PC is booting” and then leave the sender portion blank. Back out and then select a task for that to trigger.


Now go to the IFTTT app and set the text phrase to be “PC is booting” as we did earlier. It has to be exact, or it won’t work.

If all is correct, you can now go to your Alexa device and say “Alexa, trigger pc on”, and it should respond by saying “Sending that to IFTTT”. If your phone receives a message and your computer boots, you have configured everything correctly.

Here is a video of it in action.

This is just one of the many useful functions of Alexa as well as IFTTT. You can check out many more applets and uses for voice commands to make your life easier and become more productive.
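
The magic packet that the Wake on Lan app and the router setup above rely on is six 0xFF bytes followed by the target MAC address repeated 16 times, and in this basic form it carries no authentication, so any sender that can reach the network segment can wake the PC. The Python below is an added example, not code from this post or from any of the apps mentioned; it builds a magic packet and audits UDP payloads for ones coming from unexpected senders. The MAC address, IP addresses and function names are constructed for illustration.

```python
import re

SYNC = b"\xff" * 6  # every magic packet starts with six 0xFF bytes


def parse_mac(mac: str) -> bytes:
    """Accept 00:11:22:33:44:55, 00-11-..., or bare hex; return 6 raw bytes."""
    digits = re.sub(r"[:.-]", "", mac)
    if not re.fullmatch(r"[0-9A-Fa-f]{12}", digits):
        raise ValueError(f"not a MAC address: {mac!r}")
    return bytes.fromhex(digits)


def build_magic_packet(mac: str) -> bytes:
    """Sync stream plus the target MAC repeated 16 times (102 bytes)."""
    return SYNC + parse_mac(mac) * 16


def find_target(payload: bytes):
    """Return the MAC a payload would wake, or None.

    A network card scans the whole frame for the pattern, so the magic
    packet may sit at any offset and may be followed by extra bytes.
    """
    start = payload.find(SYNC)
    while start != -1:
        body = payload[start + 6:start + 102]
        if len(body) == 96 and body == body[:6] * 16:
            return body[:6].hex(":")
        start = payload.find(SYNC, start + 1)
    return None


def audit(datagrams, allowed_senders):
    """datagrams: iterable of (source_ip, udp_payload) pairs.

    Returns (source_ip, target_mac) for every magic packet that did not
    come from an allowed sender, e.g. the phone running the WoL app.
    """
    alerts = []
    for src, payload in datagrams:
        target = find_target(payload)
        if target is not None and src not in allowed_senders:
            alerts.append((src, target))
    return alerts


# Constructed sample traffic; none of it is captured from a real network.
PC_MAC = "00:11:22:33:44:55"
SAMPLE = [
    ("192.168.1.20", build_magic_packet(PC_MAC)),                     # the phone
    ("203.0.113.7", b"\x00\xff" + build_magic_packet(PC_MAC) + b"x"),  # outside sender, shifted offset
    ("192.168.1.30", SYNC + parse_mac(PC_MAC) * 15),                   # truncated, wakes nothing
    ("192.168.1.31", b"hello"),                                        # unrelated traffic
]

if __name__ == "__main__":
    for src, target in audit(SAMPLE, {"192.168.1.20"}):
        print(f"unexpected wake request for {target} from {src}")
```

If the router forwards a port for Wake-on-LAN, the same check applied to traffic arriving from the internet side shows who else is sending wake requests.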