Top Secret Documents Reveal How GCHQ Hacked Belgacom
March 27, 2017 | Author: LeakSourceInfo | Category: N/A
Short Description
http://leaksource.info/2014/12/15/top-secret-documents-reveal-how-gchq-hacked-belgacom/ https://twitter.com/LeakSourc...
Description
TOP SECRET STRAP 2
Automated NOC Detection , Head of GCHQ NAC , Senior Network Analyst, CSEC NAC
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation. Refer disclosure requests to GCHQ on
TOP SECRET STRAP 2
Challenge • SDC 2009 – Challenged the Network Analysis community to automate the detection of Network Operations Centres
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation. Refer disclosure requests to GCHQ o
TOP SECRET STRAP 2 Phase 1: Intelligent Router Configuration File Parsing
• Routers have numerous services running on them that help identify the NOC IP ranges: – – – – – – –
SSH TELNET/VTY SNMP SYSLOG DNS TACACS RADIUS
• Access to these services tends to be locked down by the use of Access Control Lists (ACLs) • Configuration files provide details of how services are configured. This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation. Refer disclosure requests to GCHQ on
TOP SECRET STRAP 2 NOCTURNAL SURGE
• GCHQ response to challenge. • Early Prototype that looks at only: – ACLs for SSH/TELNET – ACLs for VTY
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation. Refer disclosure requests to GCHQ o
TOP SECRET STRAP 2 NOCTURNAL SURGE SCREEN SHOT 1
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation. Refer disclosure requests to GCHQ on 01242 221491 x30306 (non-sec) or email infoleg@gchq
T STRAP 2 AL SURGE SNAPSHOT SLIDE 2
disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information uests to GCHQ on 01242 221491 x30306 (non-sec) or email infoleg@gchq
TOP SECRET STRAP 2
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation. Refer disclosure requests to GCHQ on 01242 221491 x30306 (non-sec) or email infoleg@gchq
RET STRAP 2
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation. Refer disclosure requests to GCHQ on 01242 221491 x30306 (non-sec) or email infoleg@gchq
TOP SECRET STRAP 2 GCHQ / CSEC NAC Joint tradecraft development
• During March 2011 GCHQ Analysts visited CSEC to look at the using PENTAHO for tradecraft modelling working with CSEC NAC and CSEC/H3 software developers to see if could model NOCTURNAL SURGE in PENTAHO and then implement in OLYMPIA. • Only possible to attempt because: – GCHQ NAC use PENTAHO – CSEC NAC/H3 use PENTAHO – CSEC NAC have implemented GCHQ NAC TIDAL SURGE Database Schema (DSD also have this..)
• GCHQ approach based on AS • CSEC approach based on Country
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation. Refer disclosure requests to GC
TOP SECRET STRAP 2 Pentaho - NOC Auto Detection
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation. Refer disclosure requests to GCHQ on
TOP SECRET STRAP 2 Phase 2: Intelligent use of Metadata
• We do not always get full configuration files to parse. • Services between routers and NOCs run on IP/TCP/UDP • We do create 5-TUPLE metadata from our collection – GCHQ have prototype database – 5-Alive – CSEC have database - HYPERION
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation. Refer disclosure requests to GCHQ o
TOP SECRET STRAP 2 SNMP Protocol
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation. Refer disclosure requests to GCHQ
TOP SECRET STRAP 2 SNMP Protocol in 5-Alive
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation. Refer disclosure requests to GCHQ
TOP SECRET STRAP 2 Further drill down on activity for identified IP
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation. Refer disclosure requests to GCHQ o
TOP SECRET STRAP 2 Phase 3: Intelligent use of TELNET traffic
• Again we do not always get full configuration files. Phase 1 is based on full (or as near to full) configuration files • GCHQ NAC collect TELNET Sessions into TERMINAL SURGE – Collection based on TCP Port 23 (TELNET) – Other protocols use TCP Port 23 (YMSG)
• Interaction with Routers over TCP Port 23 maybe nefarious: – Scanning – Password guessing
• Need to separate legitimate use from nefarious activity • Look for signs of legitimate use. – Successful login – Follow on commands
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation. Refer disclosure requests to GCHQ o
TOP SECRET STRAP 2 From TCP Port 23 (Echo)
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation. Refer disclosure requests to GCHQ
TOP SECRET STRAP 2 To TCP Port 23
This information is exempt from disclosure und legislation. Refer disclosure requests to GCHQ
exemption under ot her UK information
TOP SECRET STRAP 2 Intelligent analysis of TELNET traffic
• The fact that login was successful for both examples means the following: – From TCP Port 23 • To IP address is Network Management Terminal (in the NOC ?) – To TCP Port 23 • From IP address is Network Management Terminal (in the NOC ?)
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation. Refer disclosure requests to GCHQ
TOP SECRET STRAP 2 Phase 4: Bulk Port Scanning
• We know the key services/servers running in the NOC • Utilise HACIENDA, GCHQ’s bulk port scanning capability to identify what IPs have these service ports open – additional logic to build up confidence required.
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation. Refer disclosure requests to GCHQ
TOP SECRET STRAP 2 Fusion of sources
• Aim is to bring all sources that help identify NOC IP ranges together with associated confidence. • Different techniques provide different results due to the nature of passive access (international v’s in-country for instance) • Different techniques have different levels of reliability – therefore looking to develop aggregation with overlay of smart intelligence. • Solution can work on not just ISP NOCs but also Mobile OMCs.
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation. Refer disclosure requests to GCHQ o
TOP SECRET STRAP 2 And then….enabling CNE on NOCs
• We now have IP ranges – need selectors of NOC Staff to enable QUANTUM INSERT attack against them. • Use of GCHQ TDI capability to identify selectors coming out of IP ranges and/or identification of proxy/NAT within NOC range.
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation. Refer disclosure requests to GCHQ
TOP SECRET STRAP 2 NOC IP range search in MUTANT BROTH
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation. Refer disclosure requests to GCH
TOP SECRET STRAP 2 NOC IP range – Target identifiers for QUANTUM INSERT
This information is exempt from disclosure und legislation. Refer disclosure requests to GCHQ
exemption under ot her UK information
TOP SECRET STRAP 2 Real-time picture of QI
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation. Refer disclosure requests to GCHQ on
TOP SECRET STRAP 2 Questions ?
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation. Refer disclosure requests to GCHQ on
TOP SECRET STRAP 2
Mobile Networks in World Head of GCHQ NAC
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation. Refer disclosure requests to GCHQ on
TOP SECRET STRAP 2 What is a MyNOC ?
• MyNOC – My Network Operations Centre – A Space – A Concept
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation. Refer disclosure requests to GCHQ on
TOP SECRET STRAP 2 A Space
• • • • • • • • • • •
Analyst Desktop X 10 Un-attributable internet X 10 JTRIG Desktop HIGHNOTE – CNE Toolsuite COPPERHEAD – CNE Attack box NEXUS (BSS Desktop) CADDIS (SIS Desktop) NRT Tipping Display 65” VTC/Collaborative Monitor and Projector Virtual Whiteboarding tool and Whiteboard Secure telpehony / storage This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation. Refer disclosure requests to GCHQ o
TOP SECRET STRAP 2 A Space
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation. Refer disclosure requests to GCHQ o
TOP SECRET STRAP 2 Interlopers in A Space
This information is exempt from disclosure under t legislation. Refer disclosure requests to GCHQ on
exemption under ot her UK information
TOP SECRET STRAP 2 A Concept
• Collaboration environment bringing together capability from across GCHQ. • Appropriate resources identified / Appropriate prioritisation • Formalised planning process – – – –
Clear Focused objectives Selection of Operations Manager Preparation Review
• Assessment and feasibility • Professional Operations Manager – Ensure operation is focused on stated objectives – Ensures operation is legal – Protects information equities This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation. Refer disclosure requests to GCHQ on
TOP SECRET STRAP 2 MyNOC & NAC
• NAC tasked with development of “greater good” capability in Mobile/Mobile Internet environment. • Due to lack of progress decision made to sponsor three MyNOC events: – OP WYLEKEY – Exploitation of International Mobile Billing Clearing Houses – OP SOCIALIST – Exploitation of GRX Operator – OP INTERACTION – Development of in-depth knowledge of Mobile Gateways.
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation. Refer disclosure requests to GCHQ o
TOP SECRET STRAP 2 MyNOC Team assemble • Operations Manager • Network Analysts ( NAC Cheltenham, NAC Bude & NAC Cyprus) • Dataminer (GTAC) • Open Source Specialist • JTRIG Analysts (Cheltenham & Bude) • CNE Operators (Cheltenham CNE & Scarborough CNE) • VPN Expert (Crypt SD) • EREPO Expert (CNE) • Protocol Analyst (GTE) • Production Tasking Co-ordinator (PTC) • Trainee Ops Managers This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation. Refer disclosure requests to GCHQ o
TOP SECRET STRAP 2 One Month Later – OP SOCIALIST
• Scoping session conducted – main focus to be on enabling CNE access to BELGACOM GRX Operator • Ultimate Goal – enable CNE access to BELGACOM Core GRX Routers from which we can undertake MiTM operations against targets roaming using Smart Phones. • Secondary focus – breadth of knowledge on GRX Operators • Operations Manager assigned, team assembles
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation. Refer disclosure requests to GCHQ on
TOP SECRET STRAP 2 Preparation work
• Identified static web gateways and IP range used by engineers and tasked for QUANTUM operations • Identification and tasking of optimal bearers • TDI data mining identified potential for exploitation of LinkedIn as a vector for QI – QI capability developed for LinkedIn • WOODCUTTER logs analysed for usage by BELGACOM.
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation. Refer disclosure requests to GCHQ on
TOP SECRET STRAP 2 MyNOC Focus
• Expand collection and capability to enable better exploitation of Belgacom. • Identify key staff at BICS, and selectors used by these individuals for QI. • Map the network to better understand the Belgacom Infrastructure. • Investigate VPN links from BICS to other telecoms providers. • Investigate the vulnerability of the MyBICS Reporting Tool.
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation. Refer disclosure requests to GCHQ o
TOP SECRET STRAP 2 Infrastructure
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation. Refer disclosure requests to GCHQ on
TOP SECRET STRAP 2
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation. Refer disclosure requests to GCHQ o
TOP SECRET STRAP 2 Key BELGACOM staff
• Identify Belgacom employees – NOC staff – In areas related to maintenance or security
• Selectors to enable QUANTUM targeting – Use of LinkedIn noted – Use of Slashdot.org noted
• MUTANT BROTH used to identify TDI/Selectors coming from identified range/proxy • QI capability enhanced to allow shots on LinkedIn • QI capability enhanced to allow ‘white listing’ when shooting on proxy
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation. Refer disclosure requests to GCHQ on
TOP SECRET STRAP 2 NOC IP range search in MUTANT BROTH
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation. Refer disclosure requests to GCHQ on
TOP SECRET STRAP 2 NOC IP range – Target identifiers for QUANTUM INSERT
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation. Refer disclosure requests to GCHQ on
TOP SECRET STRAP 2 GTAC effort
• • • • • • • • • •
IR21 extractions Website research – domains visited from target gateway IPs TDI harvesting Identified owners of TDIs / finding new potential targets Identified the FTP service User agent analysis Laptop identification Mail server analysis SSL research GRX analysis
This information is exempt from disclosure under t legislation. Refer disclosure requests to GCHQ on
exemption under ot her UK information
TOP SECRET STRAP 2 What MyNOC Priority gets you
• • • • • •
Dedicated resources Priority tasking of access Priority utilisation of CNE Operator resources Priority utilisation of CNE Developer resources Priority use of enabling community (GTE, GTAC, JTRIG) Priority time of legalities bodies
This information is exempt from disclosure under t legislation. Refer disclosure requests to GCHQ on
exemption under ot her UK information
TOP SECRET STRAP 2 OP SOCIALIST Outcome
• In MyNOC: – CNE Access to BELGACOM – MERION ZETA – 6 endpoints into Engineer/support staff IP range – 2 endpoints into BELGACOM DMZ (from prep VA work) – Optimal Bearers identified providing good access to BELGACOM proxy.
• Post MyNOC: – Optimal Bearers continue to allow QI against BELGACOM engineers/proxy – Internal CNE access continues to expand – getting close to access core GRX Routers – currently on hosts with access – NAC continue to support with Network Analysis of internal networks, network understanding research on credentials and identification of engineers/system administrators and their specific roles. This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation. Refer disclosure requests to GCHQ on
TOP SECRET STRAP 2 MyNOC leave behinds for NAC
• • • • • • • • •
Focused working in small groups Regular Brainstorming sessions Professional Operational Management Network becomes Target – Target approach to Network Problems Awareness of JTRIG and Open-source information specialist capabilities and how they can support Network Analysis. Steerage of access for Network Analysis gain Closer working between NAC and CNE Joint working between NACs More NAC MyNOC/Focus efforts to come…. This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation. Refer disclosure requests to GCHQ on
TOP SECRET STRAP 2 Questions ?
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation. Refer disclosure requests to GCHQ on
TOP SECRET//REL TO USA, AUS, CAN, GBR, NZL
TOP SECRET STRAP 2 // REL TO USA, AUS, CAN, GBR, NZL
Making Network Sense of the encryption problem Roundtable Head of GCHQ NAC Derived From: NSA/CSSM 1-52 Dated: 20070108 Declassify On: 20360501
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation. Refer disclosure requests to GCHQ on
TOP SECRET//REL TO USA, AUS, CAN, GBR, NZL
TOP SECRET//REL TO USA, AUS, CAN, GBR, NZL
TOP SECRET STRAP 2 // REL TO USA, AUS, CAN, GBR, NZL GCHQ metadata
• GCHQ now creating metadata on: – SSL / TLS – IKE – OpenVPN – SSH – SQUEAL signatures (Various crypt packages)
• Data available in BEARDED PIGGY and/or the CLOUD
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation. Refer disclosure requests to GCHQ on
TOP SECRET//REL TO USA, AUS, CAN, GBR, NZL
TOP SECRET//REL TO USA, AUS, CAN, GBR, NZL
TOP SECRET STRAP 2 // REL TO USA, AUS, CAN, GBR, NZL How can Network Analysis help ?
• Can NAC help make sense using network knowledge of the volumes of data to isolate that which we want to decrypt… This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation. Refer disclosure requests to GCHQ on
TOP SECRET//REL TO USA, AUS, CAN, GBR, NZL
TOP SECRET//REL TO USA, AUS, CAN, GBR, NZL
TOP SECRET STRAP 2 // REL TO USA, AUS, CAN, GBR, NZL The Seed Approach
• Intercepted documentation reveals details of VPN set up…
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation. Refer disclosure requests to GCHQ on
TOP SECRET//REL TO USA, AUS, CAN, GBR, NZL
TOP SECRET//REL TO USA, AUS, CAN, GBR, NZL
TOP SECRET STRAP 2 // REL TO USA, AUS, CAN, GBR, NZL The Seed Approach
• • • •
Turn Seed IP into network block Query on network block against metadata Chain outwards / fuzzy subnet logic Basis of NTAT developed tradecraft: – – – –
IRASCIBLE HARE IRASCIBLE RABBIT IRASCIBLE MOOSE IRASCIBLE EMITT
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation. Refer disclosure requests to GCHQ o
TOP SECRET//REL TO USA, AUS, CAN, GBR, NZL
TOP SECRET//REL TO USA, AUS, CAN, GBR, NZL
TOP SECRET STRAP 2 // REL TO USA, AUS, CAN, GBR, NZL Known usage
• Target known to use encryption – Identify target subnet – Select on subnet against metadata • Or… – Start with an AS – look for most interesting wheel – BELGACOM - AS6774 – known to run GRX links to MNO over VPN
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation. Refer disclosure requests to GCHQ o
TOP SECRET//REL TO USA, AUS, CAN, GBR, NZL
TOP SECRET//REL TO USA, AUS, CAN, GBR, NZL
TOP SECRET STRAP 2 // REL TO USA, AUS, CAN, GBR, NZL
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation. Refer disclosure requests to GCHQ o
TOP SECRET//REL TO USA, AUS, CAN, GBR, NZL
TOP SECRET//REL TO USA, AUS, CAN, GBR, NZL
TOP SECRET STRAP 2 // REL TO USA, AUS, CAN, GBR, NZL
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation. Refer disclosure requests to GCHQ o
TOP SECRET//REL TO USA, AUS, CAN, GBR, NZL
TOP SECRET//REL TO USA, AUS, CAN, GBR, NZL
TOP SECRET STRAP 2 // REL TO USA, AUS, CAN, GBR, NZL Network Knowledge enrichment
• • • •
Internet Registry information IP Geolocation DNS Data derived from network device configuration files (routers/Firewalls etc) • Network information on surrounding IPs (i.e. rest of subnet is MNO related) • ……
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation. Refer disclosure requests to GCHQ o
TOP SECRET//REL TO USA, AUS, CAN, GBR, NZL
TOP SECRET//REL TO USA, AUS, CAN, GBR, NZL
TOP SECRET STRAP 2 // REL TO USA, AUS, CAN, GBR, NZL Access Optimisation
• A given role of Network Analysis is optimising access for a given problem – in this case enabling two-ended collection • Or….. Identifying opportunities to get at the data before it is encrypted therefore no need to make sense of encrypted data. Can do this both: – Passive – Active
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation. Refer disclosure requests to GCHQ
TOP SECRET//REL TO USA, AUS, CAN, GBR, NZL
TOP SECRET//REL TO USA, AUS, CAN, GBR, NZL
TOP SECRET STRAP 2 // REL TO USA, AUS, CAN, GBR, NZL Your Idea’s Please
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation. Refer disclosure requests to GCHQ o
TOP SECRET//REL TO USA, AUS, CAN, GBR, NZL
SECRET STRAP1 COMINT The maximum classification allowed on GCWiki is TOP SECRET STRAP1 COMINT. Click to report inappropriate content. For GCWiki help contact: webteam
Support page
STARGATE CNE Requirements From GCWiki (Redirected from OPCCNE Prototyping STARGATE CNE Requirements) Jump to: navigation, search OPCCNE Prototyping Team (team leader HOME . MAD . KITCHEN SINK . MARVAL ICE . IRONING BOARD . TIN REVERIE . SORCERER . FEDEX Agile . Admin . Andromeda . Data Characterisation . Desks . Discussion . Forensics . Index . Links . Notes . Storyboards . Team . Training . Planning . Priorities . Unification Workshop . Infrastructure . Development Process This page is for OPH-CNE staff to add requirements for STARGATE. You should start by reading the Endpoint Initiative Requirements. Your requirement may have already been captured. Some headings have been added to get you started....
Contents 1 How should the file system be rendered? 2 How do you want to search the file system? 3 How do you want to get tasked by customers? 4 What should appear on the summary pages? What about summary pages for a Project or Implant? 5 Embedded Comments 6 What would CNE need from Network diagrams? 7 What input is most important (ipconfig/netstat/dns/arps/....) ? 8 Scripts 9 Visualising non-DareDevil logs 10 Add a new section here!
STARGATE User Guide Bugs & Feedback Deployments CNE Requirements Surgery Support Administration User Management tool Plugins VORPAL SWORD User Guide Bugs & Feedback Development Version history CLOTHO 2 Interface from ROYAL MANTLE Architecture
[edit] How should the file system be rendered? I would like to be able to use STARGATE to view the files directly from the S drive. GCHQ
Connectivity ERIDANUS CHEYENNE MOUNTAIN CHEYENNE MOUNTAIN2
has a site wide license for OutsideIn (QuickView uses this behind the scenes). You can convert around ~350 document formats into HTML for viewing safely. This is not meant to replace udaq but would be a convinent and safe halfway-house to view files quickly for tactical operational reasons. User:
AQUILA CNE on the BIG BUS Iterations Iteration 7 Feedback Iteration 6 Feedback Iteration 5 Feedback
[edit] How do you want to search the file system?
Dev Team
[edit] How do you want to get tasked by customers? [edit] What should appear on the summary pages? What about summary pages for a Project or Implant? [edit] Embedded Comments What form should they take? Do you want to be able to add attachments or hyperlinks. Do you want to be alerted when a comment is added to your project?
[edit] What would CNE need from Network diagrams? [edit] What input is most important (ipconfig/netstat/dns/arps/....) ? [edit] Scripts Incorporate scripts detailed in the TDE wiki into STARGATE, eg; Email project lead (or interested party) when a volume manager event occurs. User Please add more ideas!
[edit] Visualising non-DareDevil logs I need to be able to view logs from unix ops [ I need to be able to view logs from masquerades (directory listings from FTP servers) User I need to be able to view logs from ops where i exploit on to the box and just use legspin (THICKISH ALPHA) User:
[edit] Add a new section here! Retrieved from "https:// Categories: STARGATE | CNE Prototyping Team
View more...
Comments
