Flaws In Ubiquiti UniFi’s Adoption Inform Protocol and How To Mitigate The Risk
Connecting With Us
---------------------------------------------------
+ Hire Us For A Project: https://lawrencesystems.com/hire-us/
+ Tom Twitter 🐦 https://twitter.com/TomLawrenceTech
+ Our Web Site https://www.lawrencesystems.com/
+ Our Forums https://forums.lawrencesystems.com/
+ Instagram https://www.instagram.com/lawrencesystems/
+ Facebook https://www.facebook.com/Lawrencesystems/
+ GitHub https://github.com/lawrencesystems/
+ Discord https://discord.gg/ZwTz3Mh
Lawrence Systems Shirts and Swag
---------------------------------------------------
►👕 https://lawrence.video/swag
AFFILIATES & REFERRAL LINKS
---------------------------------------------------
Amazon Affiliate Store
🛒 https://www.amazon.com/shop/lawrencesystemspcpickup
UniFi Affiliate Link
🛒 https://store.ui.com?a_aid=LTS
All Of Our Affiliates that help us out and can get you discounts!
🛒 https://lawrencesystems.com/partners-we-love/
Gear we use on Kit
🛒 https://kit.co/lawrencesystems
Use OfferCode LTSERVICES to get 5% off your order at
🛒 https://lawrence.video/techsupplydirect
Digital Ocean Offer Code
🛒 https://m.do.co/c/85de8d181725
HostiFi UniFi Cloud Hosting Service
🛒 https://hostifi.net/?via=lawrencesystems
Protect you privacy with a VPN from Private Internet Access
🛒 https://www.privateinternetaccess.com/pages/buy-vpn/LRNSYS
Patreon
💰 https://www.patreon.com/lawrencesystems
The write up and links to the proof of concept code:
Risks from symmetric encryption in Ubiquiti UniFi’s inform protocol
https://jade.wtf/words/unifi-l3inform-crypto/
How to use Wireshark with pfsense
https://youtu.be/a9t_7JKpsmg
Video on UniFi 6.x Upgrade
https://forums.lawrencesystems.com/t/dont-upgrade-to-unifi-controller-6-0-20/6478
⏱️ Timestamps ⏱️
0:00 UniFi Adoption Key Extractions CVE-2020-28936
1:46 The UniFi Set Inform Protocol
4:10 Lab Demo setup
5:28 Simple Mitigation Of Key Interception
6:13 Using Wireshark to Sniff the keys
7:39 Manually Using set-inform 8080/inform
9:25 Using Pixiedust to extract keys
10:03 What can you do with extracted keys
10:52 final thoughts on this
Видео Flaws In Ubiquiti UniFi’s Adoption Inform Protocol and How To Mitigate The Risk канала Lawrence Systems
---------------------------------------------------
+ Hire Us For A Project: https://lawrencesystems.com/hire-us/
+ Tom Twitter 🐦 https://twitter.com/TomLawrenceTech
+ Our Web Site https://www.lawrencesystems.com/
+ Our Forums https://forums.lawrencesystems.com/
+ Instagram https://www.instagram.com/lawrencesystems/
+ Facebook https://www.facebook.com/Lawrencesystems/
+ GitHub https://github.com/lawrencesystems/
+ Discord https://discord.gg/ZwTz3Mh
Lawrence Systems Shirts and Swag
---------------------------------------------------
►👕 https://lawrence.video/swag
AFFILIATES & REFERRAL LINKS
---------------------------------------------------
Amazon Affiliate Store
🛒 https://www.amazon.com/shop/lawrencesystemspcpickup
UniFi Affiliate Link
🛒 https://store.ui.com?a_aid=LTS
All Of Our Affiliates that help us out and can get you discounts!
🛒 https://lawrencesystems.com/partners-we-love/
Gear we use on Kit
🛒 https://kit.co/lawrencesystems
Use OfferCode LTSERVICES to get 5% off your order at
🛒 https://lawrence.video/techsupplydirect
Digital Ocean Offer Code
🛒 https://m.do.co/c/85de8d181725
HostiFi UniFi Cloud Hosting Service
🛒 https://hostifi.net/?via=lawrencesystems
Protect you privacy with a VPN from Private Internet Access
🛒 https://www.privateinternetaccess.com/pages/buy-vpn/LRNSYS
Patreon
💰 https://www.patreon.com/lawrencesystems
The write up and links to the proof of concept code:
Risks from symmetric encryption in Ubiquiti UniFi’s inform protocol
https://jade.wtf/words/unifi-l3inform-crypto/
How to use Wireshark with pfsense
https://youtu.be/a9t_7JKpsmg
Video on UniFi 6.x Upgrade
https://forums.lawrencesystems.com/t/dont-upgrade-to-unifi-controller-6-0-20/6478
⏱️ Timestamps ⏱️
0:00 UniFi Adoption Key Extractions CVE-2020-28936
1:46 The UniFi Set Inform Protocol
4:10 Lab Demo setup
5:28 Simple Mitigation Of Key Interception
6:13 Using Wireshark to Sniff the keys
7:39 Manually Using set-inform 8080/inform
9:25 Using Pixiedust to extract keys
10:03 What can you do with extracted keys
10:52 final thoughts on this
Видео Flaws In Ubiquiti UniFi’s Adoption Inform Protocol and How To Mitigate The Risk канала Lawrence Systems
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
The Homelab Show Episode 96: /dev/random & Live Q&AVLOG Thursday 287: pfsense, Tailscale, UniFi, Errata, and Q&ASunday Live Q&A: Firewall Followup. Homelab Questions, And More!VLOG Thursday 312: Amcrest Cameras, Forum Privacy, Synology, Errata, and Q&AVLOG Thursday 272: VLAN Security,TrueNAS Snapshots, New Business Channel, Errata, and Q&AThe Homelab Show Episode 80: The Server Automation MindsetVLOG Thursday 330: Open Source Logging, Tech Talk, and Live Q&ANew Studio Tour November 2022My Content Creation WorkflowTrueNAS-SCALE 22.12.1 February 2023 UpdateVLOG Thursday 237: New Studio, TrueNAS, UniFi and The Usual ErrataXen Orchestra 5.70 OVA Export, Proxy Updates, Restore Check and Much More!How to do Packet Loss And Latency Monitoring in pfsense3CX VOIP Compromised in March 2023 Supply Chain AttackUpdated pfsense Patch PackageSecurity Incident Using Huntress & SentinelOne: What Was Found & What Was Missed 🚨Why Are SMB File Transfers Slow Over A VPN?How To Troubleshoot and Diagnose Networking Issues Using pfsenseProtect Your Data, Replicate You Data, & Recover Quickly From Ransomware Using Synology SnapshotsRemote Command Execution pfsense pfblocker ⚠️CVE2022-31814pfsense: Blocking Threats With pfblockerNG Lists