2019-09-01 - Professional tables available for free on torrent

After redeploying our web site, we have decided to make all our professional tables available for free download. If you want to download only one table, we recommend vista_proba_60G for its nice success rate and relatively small size of 60GB. It is based on a probabilistic approach which has been published (in French) at the SSTIC conference. If you have enough bandwidth you can download the vista_eightxl table that will crack 99% of passwords made of 8 letters, numbers or special characters. Without any downloading, you can also use our free online demo that uses the mentioned tables to crack passwords in less than 60 seconds average time.

2019-03-30 - OS in the news

Objectif Sécurité was in the media this February, answering questions on topical issues: first, on TV and in the press, regarding the risks related to our mobile operators using Huawei equipment; then, on CNN Money Switzerland, on the generic risks of the new 5G standard; and finally, on a local radio station, with some general recommendations for protecting our personal data.

2017-10-15 - Your 8-character passwords cracked in 50 seconds

We have put a new Ophcrack demo online. With a budget of $3000 we built a machine with two 12-core processors (48 threads), 1TB of PCI-attached SSD, 2TB of SATA-6G attached SSD and 48GB of RAM. The demo uses the following tables: Vista_eightXL (2TB), Vista_specialXL (107GB) and Vista_proba_60G (60GB). Mean cracking time is 47 seconds, the worst case time is 212 seconds. The demo cracks 99% of 8-character passwords made of numbers, mixed case letters and 33 special characters and billions of the most frequent passwords of length 9 and more.

2016-03-14 - Training for data protection officers

Objectif Sécurité has given a training course for data protection officers in Lausanne. This 6-day course is given by specialists in law, information system governance and IT security. This year there was even a presentation by the Federal Data Protection and Information Commissioner. The course will be held again next March. More information can be found on the website of CUI.

2015-10-27 - Third edition of the "Sécurité Informatique" book

The 3rd edition of the book “Sécurité Informatique” has been published. It has been completely reworked and contains new subjects like application vulnerabilities and secure software development.

2015-07-14 - Vulnerability discovered in Siemens SCADA equipment (CVE-2015-5386)

During a security audit, Objectif Sécurité discovered a flaw in a Siemens SCADA device that let an attacker bypass the authentication and authorization system and perform administrative operations without being authenticated. A security advisory was published by Siemens, who thanked Objectif Sécurité for reporting this flaw.

2014-11-15 - Presentations at the AppSec Forum

Objectif Sécurité gave two presentations at the AppSec Forum in Yverdon. The first one was presented by Philippe Oechslin and revealed some technical details of the hacking attempt performed against a journalist in the Giroud case. The second, entitled “Tproxy: a proxy for transparent interception of TCP traffic”, was given by Bertrand Mesot to present the progress in the implementation of the tool that Objectif Sécurité already regularly uses during audits.

2014-10-12 - Objectif Sécurité turns 10

In October 2014, Objectif Sécurité celebrated its 10th anniversary. This is the opportunity to look back at all the work performed to support our clients, but above all to look forward into the future and continue to contribute to improving IT security!

2013-10-12 - Launching sures.ch

Sures.ch has been launched on October 1st. Objectif Sécurité is a founding member of sures.ch, a professional association of IT security companies. The goal of the association is to provide a quality label for IT security companies. The label stands for ethical business practices, transparency and other criteria that are detailed in a charter. The official press statement is available here.

2013-06-01 - Ophcrack on TV

Nouvo came to our office to record a demo of Ophcrack and a short talk about the plague of stolen passwords on the Internet. The clip was aired on the national TV news. A demo of our professional tables would have been technically more impressive but it was deemed less interesting for the TV viewers.

2013-05-03 - Critical vulnerability in Forticlient

One year ago (April 2012) we discovered a critical vulnerability in the Fortinet SSL VPN client. The vulnerability is very simple. When you perform a man-in-the-middle attack to intercept an SSL VPN connection, the VPN client detects the fake certificate and alerts the user… but only AFTER it has sent the username and password. We were doing a pentest in a Wifi network and couldn’t believe it was so easy to get the keys to the customer’s internal network. We alerted Fortinet a year ago. They patched most versions but haven’t published any advisory yet.

2013-01-23 - Pentesting an electrical substation

In January we had the occasion to do a penetration test on a facility of an electrical utility company. The goal was to see if local IT access to one facility would give total control over the facility and, moreover, if control of one facility could give control over other facilities or over the central command center. We got to intercept and replay IEC-104 and ISO 68150 protocols and interact with all kinds of industrial gear.

2012-12-15 - New Rainbow tables

We have completed our new Vista_eightXL rainbow tables. They crack Windows passwords (NTHash) of length 8 made of numbers, mixed-case letters and 33 special characters. Note that this covers all characters that Windows asks you to use for a strong password. We think that it is time to increase the minimum password length to 9 characters. The tables are 2TB in size and have been added to our professional table set. The average cracking time on a dual-processor server is 15 minutes!

We also decided to give away our XP_special, XP_german, Vista_special and Vista_num tables for free. You can access these on our ophcrack page. Happy downloading.

2012-08-02 - Awareness training on targeted attacks

We carried out awareness training projects for several customers. Each training project was preceded by a social engineering attack where we sent unsolicited e-mails asking the recipient for some interaction. We then gave presentations to the employees, telling them about current targeted attacks, showing them the statistics of our social engineering and giving them a demo of an actual Trojan attack.

2012-03-18 - Hacking a physical access control system

We had the pleasure of auditing a physical access control system based on NFC cards. While the NFC authentication technology was up to date and secure, we discovered important misconfigurations and insecure protocols which allowed us to get free chocolate bars, open any door at will and possibly charge money onto our card for free.

2012-01-29 - Who's afraid of the Bundestrojaner?

Objectif Sécurité gave a talk at the Forum de la Sécurité Genevois (FSG) following the news coverage of German and Swiss police forces using Trojans for their investigations. We discussed Trojans in general, their use in organized crime, industrial espionage and law enforcement. We gave a demo of a Trojan that was used in a recent attack and explained how to protect against these attacks.

2011-12-14 - Working on new security requirements for Internet voting

The Swiss federal chancellery is working out new requirements for Internet voting systems in view of opening this service to a larger part of the population. Objectif Sécurité has been collaborating on this work based on our experience in application security and cryptography.

2011-04-05 - Forged spam campaigns

Various spam messages pretending to be sent by us have been distributed through the Internet. They start with a phrase like “Dear Potential Customer”, contain various false claims, exaggerations and typos, and promise some special offer if you visit our web site.

We are definitely not the authors of these messages and apologize for the inconvenience this may have caused you.

Our official mail servers are registered in the DNS using the Sender Policy Framework (SPF). If your servers are configured to look up SPF information, you should be protected from fake e-mails pretending to be from Objectif Sécurité.

2011-03-16 - IT Security Days

We participated in the IT Security Days of the HEIG-VD engineering school. If you followed our presentation and demos, cross site scripting would have no more secrets for you and you would know how to use it to steal a server’s /etc/passwd file.

2010-12-13 - Launch of netobservatory.ch project

The netobservatory.ch research project, led by the ICT institute of the Ecole d’ingénieurs et d’architectes de Fribourg, aims to provide concrete and verified images and statistics of the security of the Swiss Internet. The first report was published and presented during a press conference. We actively participate in this interesting project by collecting public data about the Swiss Internet.

2010-11-10 - OS at the hashdays (Defcon Switzerland)

Philippe Oechslin attended the hashdays conference organized by Defcon Switzerland in Luzern at the beginning of November. He gave a talk about tests we made on Extended Validation SSL certificates to determine how trustworthy they are. The slides of this talk named Testing the limits of EV certificates can be downloaded here.

2010-10-18 - Forensic analysis of a printer

Modern printers offer very extensive features and enable users to store documents before they are printed. In one of our audits we got access to the hard drive of such a printer and recovered the partitions using reverse-engineering techniques. As expected, a forensic analysis of the recovered partitions then yielded a load of confidential documents.

2010-05-24 - Launch of the private business network YESweBIZ.ch

Objectif Sécurité participated in the launch of a new Swiss professional social network named YESweBIZ.ch. We were seduced by the powerful confidentiality management system and the privacy aspects of YESweBIZ and helped them to develop the security and availability of the project.

2010-04-12 - Vulnerabilities reported in Typo3

Typo3 is a well-known CMS built in PHP. A customer asked us to audit the code and try to find vulnerabilities in the CMS core and in some of its extensions. We reported several vulnerabilities to the Typo3 security team. Some of them were published in a security bulletin, while others had already been reported but were not published at the time.

2010-02-13 - 10 million downloads, free rainbow table

In January, the number of times Ophcrack has been downloaded broke the 10 million mark! In the general euphoria following this event we decided to make our XP_special rainbow table available on-line for free. It cracks passwords of up to 14 characters in length made of 52 mixed case letters, 10 numbers and 33 special characters in 5 seconds! This performance is achieved by putting the XP special table on steroids (we increased the size from 8GB to 90GB and host it on an SSD). If you only need to crack a single password, feel free to check out our demo rather than purchasing and downloading the 8GB table.

2009-12-31 - OS at the 26C3

Objectif Sécurité participated in the 26th Chaos Computer Congress (26C3) in Berlin. Philippe Oechslin gave a lecture on finding and exploiting crypto bugs through reverse engineering. You can see the talk on YouTube, with demos on how to circumvent AES-256 and Blowfish on three commercial products.

2009-11-29 - Broadband penetration testing

We have spent most of November doing a broadband penetration test for one of our customers. We enjoyed penetration attempts on the perimeter infrastructure and Single Sign-On solution, leak tests on virtualized environments, intrusion tests throughout the internal network and finally reverse engineering of unusual internal application protocols to carry out man-in-the-middle attacks. Even in environments with very good security there are always weak spots and doing a broad security audit lets the customer know where the security efforts should be directed.

2009-09-17 - OS everywhere

In September Objectif Sécurité gave a presentation at the Frhack conference in France, participated in a round-table on global security organized by the Center for International Governance and the Naval Postgraduate School in Geneva, and held a lecture in an MBA class at the iimt at the University of Fribourg.

2009-04-05 - On-site security training

Objectif Sécurité offers one-day training sessions on the secure development of on-line applications. Based on demos and experience from over a hundred audits, the training describes the classical errors that we discover when working with our customers (which are documented at OWASP). To help the developers systematically avoid these errors, we also present the basics of secure development methods. Finally, the participants get to do practical exercises where they pretend to be a hacker and try to exploit errors on websites that we prepared. The training is typically given by two instructors of Objectif Sécurité to small groups of developers.

2009-03-04 - On-site password audits

Objectif Sécurité offers a new on-site password auditing service for Windows passwords. We install our own secure and transportable password-cracking machine at the customer’s location. The Windows password hashes can be copied to the machine without ever leaving the data centre of the customer. Using our finest rainbow tables, our expertise and other appropriate tools, we then attempt to crack all passwords, over a period of a few weeks. We then create a custom report explaining what proportion of passwords comply with a given password policy, what the average time is for cracking passwords of observed categories, how many default passwords are used and whether the administration of passwords can be optimized.

2009-01-22 - Systematic Anti-Trojan audit

Objectif Sécurité carries out audits aimed at evaluating the exposure of our customers to infections by Trojan horses. We systematically test all possible infiltration channels, probe the limitations of locally installed intrusion prevention systems and analyse the different available channels for exfiltrating information. With the results of this work we create a proof-of-concept Trojan that combines the vulnerabilities detected to steal a given file from a workstation of the customer.

2008-12-07 - Cracking of an encryption software

For one of our customers we have reverse engineered a data encryption program (DataBecker Private Safe). After analysing the Blowfish encryption code we discovered a cryptographic error in the password verification algorithm. With this information we were able to recover the password in a few hours, whereas a brute-force attack would have taken years to succeed.

2008-08-24 - Objectif Sécurité in the news

In August and September 2008 Objectif Sécurité appeared several times in the Swiss and international news. The vulnerability found in a cryptographic USB stick during the summer was the subject of an article in the German magazine c’t, number 16/08. It is available online in English on the Heise UK website. IB com published another article on the same subject.

Objectif Sécurité was asked to comment on international current events for the Swiss newspaper Le Temps and finally, the local newspaper 24 Heures sketched Objectif Sécurité’s portrait in its 8 September 2008 edition.

2008-07-16 - A FIPS 140-2 certified USB stick found to be insecure

Objectif Sécurité found a FIPS 140-2 level 2 certified USB stick with biometric authentication and built-in AES-256 hardware encryption to be insecure. During some reverse engineering sessions, Objectif Sécurité found a way to systematically recover a weakly hashed copy of the master password protecting the encrypted files stored on the device. Once cracked, this password gives access to every encrypted file stored on the USB stick. The company producing the stick was contacted and a patch was issued for their customers.

2008-05-14 - ophcrack 3.0 released

After four months of hard work, the brand new version of ophcrack is finally available for download. Most of the code has been completely rewritten. It includes many exciting new features: multithreading, a brute-force module, a command-line version, a new GUI, support for multiple simultaneous tables, support for the new free Vista tables, and session auto-saving. Download it on the ophcrack homepage!

2008-03-01 - Oracle Anti-Hacker Training in Geneva

After the success of the previous editions, Objectif Sécurité planned a new 3-day training session together with the well-known Oracle security specialist Alexander Kornbrust in June 2008. Do not miss this possibility to acquire in-depth knowledge on this subject. You will find more information on this page.

2007-12-15 - Monitoring of the compliance of IT systems

Objectif Sécurité has developed a solution for monitoring the compliance of IT systems. Based on the well-known benchmarks published by CIS, a tool automatically verifies that the best practices are applied everywhere. For example, checks will be run on Unix machines to verify the absence of .rhosts files, and on Windows machines the effective deactivation of LM hash storage will be verified. The results of these verifications are stored in a database and the evolution of conformity can be watched graphically on the web pages of the monitoring console.

2007-11-23 - Collaboration with the federal police

Objectif Sécurité has signed a collaboration contract with the federal police of Switzerland. With this collaboration Objectif Sécurité can put its experience in forensic analysis, password cracking and reverse engineering to good use to help the police to solve technically complex cases. Objectif Sécurité also offers this type of service to companies.

2007-07-04 - New book: Computer System Security, Basic Concepts and Solved Exercises

The new book on computer and network security by Philippe Oechslin and his co-authors Gildas Avoine and Pascal Junod has just been published. The book contains 106 solved exercises as well as over a hundred pages of lecture notes explaining the basics of such topics as: e-mail security, viruses and worms, network and application vulnerability, cryptography, security protocols and applications and management of IT security.

2007-05-04 - Multiple solutions for Single Sign-On

Objectif Sécurité dealt with several SSO solutions during this month. The first one that was audited lets Firefox users protect their web passwords with a one-time master password. We also audited a generic SSO solution based on SecureLogin from ActivIdentity. This is a script-based solution that fills in login forms automatically. Finally, we worked on Kerberos authentication with Active Directory for Java servlets in WebLogic and PHP applications in Apache.

2007-04-16 - Working on a Disaster Recovery Plan

April has been partially devoted to helping one of our customers initiate the development of its Disaster Recovery Plan. Due to the complexity of this task, the first step consisted of building a detailed cartography of all the departments of the firm as well as their interaction with the information systems in order to determine critical elements.

2007-03-26 - 1,000,000 downloads of Ophcrack

Ophcrack has been downloaded more than one million times from the site ophcrack.sourceforge.net. The downloads total more than 350 Terabytes of data. The current monthly rate is about 120,000 downloads and 30 Terabytes. In other news, we have also registered two donations

2007-02-22 - OS is in Hakin9

Philippe Oechslin and Cédric Tissières have published a detailed article on Rainbow tables, their optimisations and their application to Office documents in the French edition of Hakin9 magazine. Cédric has also produced a Rainbow table tutorial that is available on the CD of that issue.

2007-01-12 - Advanced training with EnCase Enterprise

We attended an advanced training session for EnCase Enterprise. This forensic software is the reference for Swiss police forces as well as their international counterparts. This will allow us to provide you with even better service in terms of forensic analysis.

2006-12-18 - OS Labs does forensic work for the police

This winter we have had the occasion to offer our forensic services to cantonal police forces in eastern Switzerland. We have reverse engineered a disk protection software and have allowed the police force to recover the complete contents of a protected disk.

2006-11-19 - Ophcrack_office, the world's most efficient Office document cracker!

OS Labs has launched its latest rainbow table based cracker. This product cracks password protected Word and Excel documents that are protected with passwords of any length and complexity! With 4 gigabytes of rainbow tables we are able to crack 99.7% of the documents in an average of 5 minutes. The software is compatible with all versions of Office as long as the default protection option is used. There is more information on ophcrack_office on our product pages.

2006-10-28 - The 7 deadly sins of web based applications

Objectif Sécurité is offering a one day training session for programmers on the classical vulnerabilities of on-line applications. We demonstrate these vulnerabilities with concrete examples to better explain how to protect against them. The course also describes the security aspects of the software development cycle and finishes with some practical exercises. You can find more information on our training pages.

A presentation on this topic was given at Clusis on October 24th and at the Zurich Information Security Center (ZISC) on June 13th.

2006-09-08 - Half a million downloads for Ophcrack

Ophcrack, the Windows password cracker developed by Objectif Sécurité has been downloaded more than 500,000 times from sourceforge. The most popular version is the liveCD which cracks alphanumerical passwords of up to 14 characters without installing any software or requiring administrator privileges. On its own the liveCD has generated over 170 Terabytes of downloads. The DVDs that contain hashes of complex passwords (33 special characters) are also becoming more and more popular.

2006-08-02 - Vulnerability in RealSentry and ModSecurity

During an application audit carried out by Objectif Sécurité we have discovered a vulnerability in RealSentry and ModSecurity for Apache. These are application level firewalls which are used to prevent attacks like cross site scripting or SQL injection using signatures of these attacks. An error in those signatures makes it possible to evade the detection of SQL injections leaving the application vulnerable to these attacks. The vendors/developers of both tools have been informed.

2006-07-15 - Social Engineering made easy

In our latest Social Engineering audit more than 50% of the recipients of our forged e-mail followed our invitation to click on a URL. Of the people who followed the link a baffling 90% did not hesitate to give us their username and password. If the users are so willing to help the hackers, we really wonder if we should still make so much effort trying to hack our customers’ systems through technical vulnerabilities…

2006-06-16 - Oracle Anti-Hacker training in Geneva

Objectif Sécurité organises an Oracle security course with Alexander Kornbrust, one of the top Oracle security specialists. The course will be given in English. Don’t miss this opportunity to learn all about Oracle security. Click here for more info.

2006-05-19 - Password cracking tutorial for European Police forces

Objectif Sécurité has participated in the IT Forensic Conference “Decryption / Password Recovery using cluster technology” organized by the LKA Hannover for the German speaking police forces of Europe.

2006-04-25 - Rainbow cracking presentation at Websec 2006

Objectif Sécurité participates in WebSec 2006 in London with a presentation on rainbow cracking. The slides can be found here.

2006-03-22 - Ophcrack 2.2 released

We have released version 2.2 of Ophcrack, the fastest Windows password cracker, on sourceforge. This version supports a new table set which contains the following characters:

0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ !"#$%&'()*+,-./:;<=>?@[\]^_`{|}~ (including the space character)

You can buy this table set from our website.

2006-01-30 - Vulnerability discovered in SAP

Objectif Sécurité has discovered a vulnerability in the SAP Internet Transaction Server. This vulnerability has been communicated to SAP security and is fixed by patch 20, which was released on 21st December. More info can be found in SAP note 883908.

2005-11-25 - ophcrack liveCD released

This month we have released the first version of our ophcrack liveCD. This is a bootable Linux CD which comes with ophcrack and a table set for alphanumeric passwords pre-installed. Just boot a computer from the CD, have a cup of coffee and watch the program break the passwords.

2005-10-28 - Seminar on vulnerability management

Objectif Sécurité gave a seminar about vulnerability management at INFORUM 2005 in Geneva. The slides are here (in French).

2005-09-22 - OS on the front page of Security Focus

Robert Lemos wrote an article on Rainbow Cracking for Securityfocus and interviewed Oechslin about the future of password hashes. The article is still online.

2005-08-06 - web-radio-sqli

During our application audits we regularly discover SQL injection vulnerabilities. Of course, we would not publish the vulnerabilities of our customers. For once, we stumbled on a very typical injection in a publicly available software package. Read the security advisory here.

2005-06-28 - Objectif Sécurité in the News

This month we were discovered by the press. A full page article about Objectif Sécurité, “the legal hackers”, appears in the June 13th edition of 24 Heures. Oechslin was interviewed in Le Matin and Le Temps about a phishing scam at a Swiss bank, and we were even interviewed on the radio about ethical hacking.

2004-11-12 - Seminar on man-in-the-middle attacks against telebanking systems

We gave a seminar on the different ways to break into a telebanking application. In particular, we showed a demo on how a hacker can modify Internet Explorer to manipulate data that is transmitted over HTTPS. This could take phishing attacks to a new level. See the slides here (in French).