Latest News
April 2011: Forged spam campaigns
Various spam messages pretending to be sent by us have been distributed through the Internet. They start with a phrase like Dear Potential Customer, contain various false claims, exaggerations and typos and promise some special offer if you visit our web site.
We are definitely not the authors of these messages and apologize for the inconvenience this may have caused to you.
Our official mail servers are registered in the DNS using the Sender Policy Framework (SPF). If your mail servers are configured to look up SPF records, you should be protected from fake e-mail pretending to come from Objectif Sécurité.
March 2011: IT Security Days
We have participated in the
December 2010: Launch of netobservatory.ch project
The netobservatory.ch research project, led by the ICT institute of the Ecole d'ingénieurs et d'architectes de Fribourg, aims to provide concrete and verified images and statistics of the security of the Swiss Internet. A first report was published and presented during a press conference. We participate actively in this interesting project by collecting public data about the Swiss Internet.
November 2010: OS at the hashdays (Defcon Switzerland)
Philippe Oechslin attended the hashdays conference organized by Defcon Switzerland in Luzern at the beginning of November. He gave a talk about tests we made on Extended Validation SSL certificates to determine how trustworthy they are. The slides of this talk, named Testing the limits of EV certificates, can be downloaded here.
October 2010: Forensic analysis of a printer
Modern printers offer very extensive features and let users store documents before they are printed. In one of our audits we got access to the hard drive of such a printer and recovered its partitions using reverse-engineering techniques. As expected, a forensic analysis of the recovered partitions then yielded a load of confidential documents.
May 2010: Launch of the private business network YESweBIZ.ch
Objectif Sécurité participated in the launch of a new Swiss professional social network named YESweBIZ.ch. We were won over by the powerful confidentiality management system and the privacy aspects of YESweBIZ and helped them develop the security and availability of the project.
April 2010: Vulnerabilities reported in Typo3
Typo3 is a well-known CMS built in PHP. A customer asked us to audit the code and try to find vulnerabilities in the CMS core and in some of its extensions. We reported several vulnerabilities to the Typo3 security team. Some of them were published in a security bulletin; others had already been reported but were not yet published at that time.
February 2010: 10 million downloads, free rainbow table
In January, the downloads of Ophcrack passed the 10 million mark! In the general euphoria following this event we decided to make our XP_special rainbow table available on-line for free. This table cracks passwords of up to 14 characters drawn from 52 mixed-case letters, 10 digits and 33 special characters in 5 seconds on average! This performance is achieved by putting the XP special table on steroids (we increased its size from 8GB to 90GB and host it on an SSD). If you just need to crack a single password, feel free to use our demo rather than purchasing and downloading the 8GB table.
December 2009: OS at the 26C3
Objectif Sécurité participated in the 26th Chaos Computer Congress (26C3) in Berlin. Philippe Oechslin gave a lecture on finding and exploiting crypto bugs through reverse engineering. You can see the talk on Youtube, with demos of how to circumvent AES 256 and Blowfish on three commercial products.
November 2009: Broadband penetration testing
We have spent most of November doing a broadband penetration test for one of our customers. We enjoyed penetration attempts on the perimeter infrastructure and the Single Sign-On solution, leak tests on virtualized environments, intrusion tests throughout the internal network and finally reverse engineering of unusual internal application protocols to carry out man-in-the-middle attacks. Even in environments with very good security there are always weak spots, and a broad security audit lets the customer know where security efforts should be directed.
September 2009: OS everywhere
In September Objectif Sécurité gave a presentation at the Frhack conference in France, participated in a round-table on global security organized by the Center for International Governance and the Naval Postgraduate School in Geneva, and lectured in an MBA class at the iimt at the University of Fribourg.
April 2009: On-site security training
Objectif Sécurité offers one-day trainings on the secure development of on-line applications. Based on demos and experience from over a hundred audits, the training describes the classical errors that we discover when working with our customers (which are documented at OWASP). To help developers systematically avoid these errors we also present the basics of secure development methods. Finally, the participants get to do practical exercises where they play the hacker and try to exploit errors on websites prepared by ourselves. The training is typically given by two instructors of Objectif Sécurité to small groups of developers.
March 2009: On-site password audits
Objectif Sécurité offers a new on-site password auditing service for Windows passwords. We install our own secure and transportable password-cracking machine at the customer's location, so the Windows password hashes can be copied to the machine without ever leaving the customer's data centre. Using our finest rainbow tables, our expertise and other appropriate tools, we then attempt to crack all passwords over a period of a few weeks. We then create a custom report explaining what proportion of passwords comply with a given password policy, what the average time is for cracking passwords of the observed categories, how many default passwords are used and whether the administration of passwords can be optimized.
January 2009: Systematic Anti-Trojan audit
Objectif Sécurité carries out audits aimed at evaluating the exposure of our customers to infections by Trojan horses. We systematically test all possible infiltration channels, probe the limitations of locally installed intrusion prevention systems and analyse the different available channels for exfiltrating information. With the results of this work we create a proof-of-concept Trojan that combines the vulnerabilities detected to steal a given file from a workstation of the customer.
December 2008: Cracking of an encryption software
For one of our customers we have reverse engineered a data encryption software (DataBecker Private Safe). After analysing the Blowfish encryption code we discovered a cryptographic error in the password verification algorithm. With this information we have been able to recover the password in a few hours, whereas a brute-force attack would have taken years to succeed.
August 2008: Objectif Sécurité in the news
Objectif Sécurité appeared several times in the Swiss and international news in August and September 2008. The vulnerability found in a cryptographic USB stick during the summer was the subject of an article in the German magazine c't, number 16/08. It is available online in English on the Heise UK website. IB com published another article on the same subject.
Objectif Sécurité was asked to comment on international current events for the Swiss newspaper Le Temps and finally, the local newspaper 24 Heures sketched Objectif Sécurité's portrait in its 8 September 2008 edition.
July 2008: A FIPS 140-2 certified USB stick found to be insecure
Objectif Sécurité found a FIPS 140-2 level 2 certified USB stick with biometric authentication and built-in AES-256 hardware encryption to be insecure. During some reverse engineering sessions, Objectif Sécurité found a way to systematically recover a weakly hashed copy of the master password protecting the encrypted files stored on the device. Once cracked, this password gives access to every encrypted file stored on the USB stick. The company producing the stick was contacted and a patch issued for its customers.
May 2008: ophcrack 3.0 released
After four months of hard work, the brand new version of ophcrack is finally available for download. Most of the code was completely rewritten. It includes many exciting new features: multithreading, a brute-force module, a command-line version, a new GUI, support for multiple simultaneous tables, support for the new free Vista tables, and session auto-saving. Download it from the ophcrack homepage!
March 2008: Oracle Anti-Hacker Training in Geneva
After the success of the previous editions, Objectif Sécurité has planned a new 3-day training together with the well-known Oracle security specialist Alexander Kornbrust for June 2008. Do not miss this opportunity to acquire in-depth knowledge on this subject. You will find more information on this page.
December 2007: Monitoring of the compliance of IT systems
Objectif Sécurité has developed a solution for monitoring the compliance of IT systems. Based on the well-known benchmarks published by CIS, a tool automatically verifies that best practices are applied everywhere. For example, checks are run on Unix machines to verify the absence of .rhosts files, and on Windows machines the effective deactivation of the LM hash is verified. The results of these verifications are stored in a database and the evolution of conformity can be watched graphically on the web pages of the monitoring console.
November 2007: Collaboration with the federal police
Objectif Sécurité has signed a collaboration contract with the federal police of Switzerland. Through this collaboration Objectif Sécurité can put its experience in forensic analysis, password cracking and reverse engineering to work to help the police solve technically complex cases. Objectif Sécurité also offers this type of service to companies.
July 2007: New book: Computer System Security, Basic Concepts and Solved Exercises
The new book on computer and network security by Philippe Oechslin and his co-authors Gildas Avoine and Pascal Junod has just been published. The book contains 106 solved exercises as well as over a hundred pages of lecture notes explaining the basics of topics such as e-mail security, viruses and worms, network and application vulnerabilities, cryptography, security protocols and applications, and the management of IT security.
May 2007: Multiple solutions for Single Sign-On
Objectif Sécurité dealt with several SSO solutions during this month. The first one audited lets Firefox users protect their web passwords with a one-time master password. We also audited a generic SSO solution based on SecureLogin from ActivIdentity, a script-based solution that fills in login forms automatically. Finally, we worked on Kerberos authentication with Active Directory for Java servlets in WebLogic and PHP applications in Apache.
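The December 2007 item above describes benchmark checks, a results database and a conformity trend; the following added example (not Objectif Sécurité's tool) sketches that structure in Python. The .rhosts check walks a real temporary directory tree created for the example, the NoLMHash check reads a dictionary standing in for a registry export (the value name HKLM\SYSTEM\CurrentControlSet\Control\Lsa\NoLMHash is the real one; the export format is assumed), and results go to an in-memory SQLite table from which the per-day conformity ratio is read. The three daily runs, the host names and the home directories are constructed.

```python
import os
import sqlite3
import tempfile

# --- checks: each returns (passed, detail) ---------------------------------

def check_no_rhosts(home_root):
    """Unix check: no user home directory under home_root may contain a .rhosts file."""
    offenders = sorted(d for d in os.listdir(home_root)
                       if os.path.isfile(os.path.join(home_root, d, ".rhosts")))
    if offenders:
        return False, ".rhosts present for: " + ", ".join(offenders)
    return True, "no .rhosts files"

NOLMHASH_KEY = r"HKLM\SYSTEM\CurrentControlSet\Control\Lsa\NoLMHash"

def check_nolmhash(registry):
    """Windows check: NoLMHash must be 1 so that LM hashes are no longer stored."""
    value = registry.get(NOLMHASH_KEY)
    return value == 1, f"NoLMHash={value!r}"

# --- storage and reporting --------------------------------------------------

def open_store():
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE results (day TEXT, host TEXT, check_name TEXT,"
                " passed INTEGER, detail TEXT)")
    return con

def record(con, day, host, check_name, result):
    passed, detail = result
    con.execute("INSERT INTO results VALUES (?, ?, ?, ?, ?)",
                (day, host, check_name, int(passed), detail))

def conformity_by_day(con):
    """Fraction of passed checks per day: the series a monitoring console would plot."""
    rows = con.execute("SELECT day, AVG(passed) FROM results GROUP BY day ORDER BY day").fetchall()
    return {day: round(avg, 2) for day, avg in rows}

# --- constructed scenario: three daily runs while two hosts get fixed -------

def make_unix_home(with_rhosts):
    """Build a throwaway /home-like tree; bob keeps a .rhosts file until it is removed."""
    root = tempfile.mkdtemp()
    for user in ("alice", "bob"):
        os.makedirs(os.path.join(root, user))
    if with_rhosts:
        with open(os.path.join(root, "bob", ".rhosts"), "w") as f:
            f.write("legacy-host bob\n")  # constructed content
    return root

def run_scenario():
    con = open_store()
    # (day, does the Unix host still have a .rhosts file?, registry export stand-in)
    runs = [
        ("2007-12-01", True,  {NOLMHASH_KEY: 0}),
        ("2007-12-02", False, {NOLMHASH_KEY: 0}),
        ("2007-12-03", False, {NOLMHASH_KEY: 1}),
    ]
    for day, rhosts, registry in runs:
        record(con, day, "unix01", "no_rhosts", check_no_rhosts(make_unix_home(rhosts)))
        record(con, day, "win01", "nolmhash", check_nolmhash(registry))
    return conformity_by_day(con)

if __name__ == "__main__":
    for day, ratio in run_scenario().items():
        print(day, f"{ratio:.0%}")
```

Keeping the detail string next to the pass/fail bit is what makes the trend actionable: the console can show not only that conformity rose from 0% to 100% over the three runs but which user directory or registry value was responsible on each day.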
April 2007: Working on Disaster Recovery Plan
April has been partially devoted to helping one of our customers initiate the development of its Disaster Recovery Plan. Due to the complexity of this task, the first step consisted in building a detailed map of all the departments of the firm and their interactions with the information systems, in order to determine the critical elements.
March 2007: 1'000'000 downloads of Ophcrack
Ophcrack has been downloaded more than one million times from the site ophcrack.sourceforge.net. The downloads total more than 350 Terabytes of data. The current monthly rate is about 120'000 downloads and 30 Terabytes. In other news, we have also registered two donations.
February 2007: OS is in Hakin9
Philippe Oechslin and Cédric Tissières have published a detailed article on rainbow tables, their optimisations and their application to Office documents in the French edition of Hakin9 magazine. Cédric has also produced a rainbow table tutorial that is available on the CD of that issue.
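Both the free XP_special table item above and this article are about rainbow tables, so here is an added toy implementation in Python (not ophcrack's code and not the article's) showing the time-memory trade-off and, from the defender's side, why a per-user salt makes such a precomputed table useless. It uses SHA-1 over 3-letter lowercase passwords instead of LM over 95 characters up to length 14; the chain count, chain length, start-point stride and salt are chosen for the example.

```python
import hashlib

# Toy parameters: the real XP_special table covers 95 characters up to length 14;
# this one covers 26 lowercase letters at length 3 so it builds in well under a second.
CHARSET = "abcdefghijklmnopqrstuvwxyz"
LENGTH = 3
KEYSPACE = len(CHARSET) ** LENGTH  # 17 576 candidate passwords

def h(password):
    """Unsalted hash standing in for LM/NT: the same password always gives the same digest."""
    return hashlib.sha1(password.encode()).digest()

def index_to_pw(n):
    """Enumerate the password space: integer in [0, KEYSPACE) -> fixed-length password."""
    out = []
    for _ in range(LENGTH):
        n, r = divmod(n, len(CHARSET))
        out.append(CHARSET[r])
    return "".join(out)

def reduce_to_pw(digest, column):
    """Map a digest back into the password space; the column offset gives each column its own reduction."""
    return index_to_pw((int.from_bytes(digest[:8], "big") + column) % KEYSPACE)

def chain_passwords(start, chain_len):
    """Passwords at columns 0..chain_len-1 of the chain beginning at start."""
    pws = [start]
    for col in range(chain_len - 1):
        pws.append(reduce_to_pw(h(pws[-1]), col))
    return pws

def build_table(n_chains, chain_len):
    """Precompute n_chains chains but keep only end -> start points: that is the memory saving."""
    table = {}
    for i in range(n_chains):
        start = index_to_pw((i * 7919) % KEYSPACE)  # 7919 is coprime with KEYSPACE, so starts are distinct
        pws = chain_passwords(start, chain_len)
        end = reduce_to_pw(h(pws[-1]), chain_len - 1)
        table.setdefault(end, []).append(start)  # keep every start so merged chains are not lost
    return table

def lookup(table, target, chain_len):
    """Return a password whose h() is target, or None if no stored chain covers it."""
    for col in range(chain_len - 1, -1, -1):
        # Guess that target sits at column col and roll the chain forward to its end point.
        pw = reduce_to_pw(target, col)
        for c in range(col + 1, chain_len):
            pw = reduce_to_pw(h(pw), c)
        for start in table.get(pw, ()):
            # End point matched: rebuild that chain from its start and look for the digest.
            cand = start
            for c in range(chain_len):
                if h(cand) == target:
                    return cand
                cand = reduce_to_pw(h(cand), c)
    return None

def coverage(table, chain_len, step=97):
    """Fraction of every step-th password the table recovers: an estimate of its coverage."""
    sample = [index_to_pw(i) for i in range(0, KEYSPACE, step)]
    hits = sum(lookup(table, h(p), chain_len) == p for p in sample)
    return hits / len(sample)

def salted_hash(password, salt):
    """With a per-user salt the stored value is no longer h(password), so the table does not apply."""
    return hashlib.sha1(salt + password.encode()).digest()

if __name__ == "__main__":
    table = build_table(2000, 20)
    print(f"{len(table)} end points stored, estimated coverage {coverage(table, 20):.0%}")
    print("unsalted lookup:", lookup(table, h("ops"), 20))
    print("salted lookup:  ", lookup(table, salted_hash("ops", b"x9"), 20))
```

The table stores 2000 end points for a chain length of 20, so it represents up to 40 000 hash evaluations in a fraction of that memory, and a lookup costs a few hundred hash evaluations instead of a full enumeration. The salted lookup returns None not because the password is stronger but because the input to the hash is no longer the bare password, which is why a salt defeats precomputation while LM and NT hashes, having none, do not.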
January 2007: Advanced training with EnCase Enterprise
In order to offer our clients the strongest competences in our field, we attended an advanced training for EnCase Enterprise. This forensic software is the reference for Swiss police forces as well as their international counterparts. Our duty is to provide you with the best in terms of forensic analysis.
December 2006: OS Labs does forensic work for the police
This winter we have had the occasion to offer our forensic services to cantonal police forces in eastern Switzerland. We have reverse engineered a disk protection software and have allowed the police forces to recover the complete contents of a protected disk.
November 2006: Ophcrack_office, the world's most efficient Office document cracker!
OS Labs has launched its latest rainbow-table-based cracker. This product cracks password-protected Word and Excel documents with passwords of any length and complexity! With 4 gigabytes of rainbow tables we are able to crack 99.7% of the documents in an average time of 5 minutes. The software is compatible with all versions of Office as long as the default protection option is used. More information on ophcrack_office on our product pages.
October 2006: The 7 deadly sins of web based applications
Objectif Sécurité is offering a one-day training for programmers about the classical vulnerabilities of on-line applications. We demonstrate these vulnerabilities with concrete examples to better explain how to protect against them. The course also describes the security aspects of the software development cycle and finishes with some practical exercises. You can find more information in our training pages. A presentation on this topic was given at Clusis on October 24th and at the Zurich Information Security Center (ZISC) on June 13th.
September 2006: Half a million downloads for Ophcrack
Ophcrack, the Windows password cracker developed by Objectif Sécurité, has been downloaded more than 500,000 times from sourceforge. The most popular version is the liveCD, which cracks alphanumeric passwords of up to 14 characters without installing any software or requiring administrator privileges. By itself the liveCD has generated over 170 Terabytes of downloads. The DVDs that contain hashes of complex passwords (33 special characters) are also becoming more and more popular.
August 2006: Vulnerability in RealSentry and ModSecurity
During an application audit carried out by Objectif Sécurité we discovered a vulnerability in RealSentry and ModSecurity for Apache. These are application-level firewalls which are used to prevent attacks like cross-site scripting or SQL injection using signatures of these attacks. An error in those signatures makes it possible to evade the detection of SQL injections, leaving the application vulnerable to these attacks. The vendors/developers of both tools have been informed.
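The practitioner's caveat behind this item is that a signature-based filter in front of the application is a stopgap: the defect that matters is the query that lets user input become SQL. This added example (not the page's code, and unrelated to the two products named above) contrasts string concatenation with parameter binding using Python's sqlite3 on a constructed users table; the tautology string passed in the demo is the textbook one and stands for whatever the signatures happen to miss.

```python
import sqlite3

def make_db():
    """Constructed in-memory users table (passwords kept in clear only to keep the example short)."""
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE users (name TEXT, pw TEXT)")
    con.executemany("INSERT INTO users VALUES (?, ?)",
                    [("alice", "correct horse"), ("bob", "battery staple")])
    return con

def login_concat(con, name, pw):
    """Vulnerable: the inputs are pasted into the SQL text, so quotes inside them rewrite the query."""
    sql = f"SELECT count(*) FROM users WHERE name = '{name}' AND pw = '{pw}'"
    return con.execute(sql).fetchone()[0] > 0

def login_bound(con, name, pw):
    """Fixed: the inputs travel as bound parameters and are compared as plain strings."""
    sql = "SELECT count(*) FROM users WHERE name = ? AND pw = ?"
    return con.execute(sql, (name, pw)).fetchone()[0] > 0

def compare(name, pw):
    """Run both versions on the same credentials; returns (concat_result, bound_result)."""
    con = make_db()
    return login_concat(con, name, pw), login_bound(con, name, pw)

if __name__ == "__main__":
    print("valid credentials    :", compare("alice", "correct horse"))
    print("wrong password       :", compare("alice", "wrong"))
    print("tautology as password:", compare("alice", "' OR '1'='1"))
```

With the concatenated query the third call succeeds because the WHERE clause becomes `name = 'alice' AND pw = '' OR '1'='1'`, which is true for every row; with bound parameters the same string is just a password that nobody has, so the login fails. No signature needs to recognise the string for the second version to be safe, which is the point of fixing the code rather than the filter.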
July 2006: Social Engineering made easy
In our latest Social Engineering audit more than 50% of the recipients of our forged e-mail followed our invitation to click on a URL. Of the people who followed the link a baffling 90% did not hesitate to give us their username and password. If the users are so willing to help the hackers, we really wonder if we should still spend so much effort to try to hack our customers through technical vulnerabilities...
June 2006: Oracle Anti-Hacker training in Geneva
Objectif Sécurité organises an Oracle security course together with Alexander Kornbrust, one of the top Oracle security specialists. The course is given in English; don't miss this opportunity to learn all about Oracle security. More info here.
May 2006: Password cracking tutorial for European Police forces
Objectif Sécurité participated in the IT Forensic Conference "Decryption / Password Recovery using cluster technology" organized by the LKA Hannover for German-speaking police forces of Europe.
April 2006: Rainbow cracking presentation at Websec 2006
Objectif Sécurité participates in WebSec 2006 in London with a presentation on rainbow cracking. The slides can be found here.
March 2006: Ophcrack 2.2 released
We have released version 2.2 of Ophcrack, the fastest Windows password cracker, on sourceforge. This version supports a new table set which contains the following characters:
0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ!"#$% &'()*+,-./:;<=>?@[\]^_`{|}~ (including the space character)
You can buy this table set from our website.
January 2006: Vulnerability discovered in SAP
Objectif Sécurité has discovered a vulnerability in the SAP Internet Transaction Server. This vulnerability has been communicated to SAP security and is patched with patch 20 released on December 21st 2005. More info is in SAP note 883908.
November 2005: ophcrack liveCD released
This month we released the first version of our ophcrack liveCD. This is a bootable Linux CD which comes with ophcrack and a table set for alphanumeric passwords pre-installed. Just boot a computer from the CD, have a cup of coffee and watch the program break the passwords.
October 2005: Seminar on vulnerability management
Objectif Sécurité gave a seminar about vulnerability management at INFORUM 2005 in Geneva. The slides are here (in French).
September 2005: OS on the front page of Security Focus
Robert Lemos wrote an article on Rainbow Cracking for Securityfocus and interviewed Oechslin about the future of password hashes. The article is still online.
August 2005: SQL injection in webradio
During our application audits we regularly discover SQL injection vulnerabilities. Of course, we would not publish the vulnerabilities of our customers. For once we stumbled on a very typical injection in publicly available software. Read the security advisory here.
June 2005: Objectif Sécurité in the News
This month we were discovered by the press. A full-page article about Objectif Sécurité, "the legal hackers", appears in the June 13th edition of 24 heures. Oechslin is interviewed in Le Matin and Le Temps about a phishing scam at a Swiss bank and we are even interviewed on the radio about ethical hacking.
November 2004: Seminar on man-in-the-middle attacks against telebanking systems
We gave a seminar on the different ways to break into a telebanking application. In particular we showed a demo of how a hacker can modify Internet Explorer to manipulate data that is transmitted over HTTPS. This could take phishing attacks to a new level. See the slides here (in French).