Flaws In Ubiquiti UniFi’s Adoption Inform Protocol and How To Mitigate The Risk
Connecting With Us
---------------------------------------------------
+ Hire Us For A Project: https://lawrencesystems.com/hire-us/
+ Tom Twitter 🐦 https://twitter.com/TomLawrenceTech
+ Our Web Site https://www.lawrencesystems.com/
+ Our Forums https://forums.lawrencesystems.com/
+ Instagram https://www.instagram.com/lawrencesystems/
+ Facebook https://www.facebook.com/Lawrencesystems/
+ GitHub https://github.com/lawrencesystems/
+ Discord https://discord.gg/ZwTz3Mh
Lawrence Systems Shirts and Swag
---------------------------------------------------
►👕 https://lawrence.video/swag
AFFILIATES & REFERRAL LINKS
---------------------------------------------------
Amazon Affiliate Store
🛒 https://www.amazon.com/shop/lawrencesystemspcpickup
UniFi Affiliate Link
🛒 https://store.ui.com?a_aid=LTS
All Of Our Affiliates that help us out and can get you discounts!
🛒 https://lawrencesystems.com/partners-we-love/
Gear we use on Kit
🛒 https://kit.co/lawrencesystems
Use OfferCode LTSERVICES to get 5% off your order at
🛒 https://lawrence.video/techsupplydirect
Digital Ocean Offer Code
🛒 https://m.do.co/c/85de8d181725
HostiFi UniFi Cloud Hosting Service
🛒 https://hostifi.net/?via=lawrencesystems
Protect you privacy with a VPN from Private Internet Access
🛒 https://www.privateinternetaccess.com/pages/buy-vpn/LRNSYS
Patreon
💰 https://www.patreon.com/lawrencesystems
The write up and links to the proof of concept code:
Risks from symmetric encryption in Ubiquiti UniFi’s inform protocol
https://jade.wtf/words/unifi-l3inform-crypto/
How to use Wireshark with pfsense
https://youtu.be/a9t_7JKpsmg
Video on UniFi 6.x Upgrade
https://forums.lawrencesystems.com/t/dont-upgrade-to-unifi-controller-6-0-20/6478
⏱️ Timestamps ⏱️
0:00 UniFi Adoption Key Extractions CVE-2020-28936
1:46 The UniFi Set Inform Protocol
4:10 Lab Demo setup
5:28 Simple Mitigation Of Key Interception
6:13 Using Wireshark to Sniff the keys
7:39 Manually Using set-inform 8080/inform
9:25 Using Pixiedust to extract keys
10:03 What can you do with extracted keys
10:52 final thoughts on this
Видео Flaws In Ubiquiti UniFi’s Adoption Inform Protocol and How To Mitigate The Risk канала Lawrence Systems
---------------------------------------------------
+ Hire Us For A Project: https://lawrencesystems.com/hire-us/
+ Tom Twitter 🐦 https://twitter.com/TomLawrenceTech
+ Our Web Site https://www.lawrencesystems.com/
+ Our Forums https://forums.lawrencesystems.com/
+ Instagram https://www.instagram.com/lawrencesystems/
+ Facebook https://www.facebook.com/Lawrencesystems/
+ GitHub https://github.com/lawrencesystems/
+ Discord https://discord.gg/ZwTz3Mh
Lawrence Systems Shirts and Swag
---------------------------------------------------
►👕 https://lawrence.video/swag
AFFILIATES & REFERRAL LINKS
---------------------------------------------------
Amazon Affiliate Store
🛒 https://www.amazon.com/shop/lawrencesystemspcpickup
UniFi Affiliate Link
🛒 https://store.ui.com?a_aid=LTS
All Of Our Affiliates that help us out and can get you discounts!
🛒 https://lawrencesystems.com/partners-we-love/
Gear we use on Kit
🛒 https://kit.co/lawrencesystems
Use OfferCode LTSERVICES to get 5% off your order at
🛒 https://lawrence.video/techsupplydirect
Digital Ocean Offer Code
🛒 https://m.do.co/c/85de8d181725
HostiFi UniFi Cloud Hosting Service
🛒 https://hostifi.net/?via=lawrencesystems
Protect you privacy with a VPN from Private Internet Access
🛒 https://www.privateinternetaccess.com/pages/buy-vpn/LRNSYS
Patreon
💰 https://www.patreon.com/lawrencesystems
The write up and links to the proof of concept code:
Risks from symmetric encryption in Ubiquiti UniFi’s inform protocol
https://jade.wtf/words/unifi-l3inform-crypto/
How to use Wireshark with pfsense
https://youtu.be/a9t_7JKpsmg
Video on UniFi 6.x Upgrade
https://forums.lawrencesystems.com/t/dont-upgrade-to-unifi-controller-6-0-20/6478
⏱️ Timestamps ⏱️
0:00 UniFi Adoption Key Extractions CVE-2020-28936
1:46 The UniFi Set Inform Protocol
4:10 Lab Demo setup
5:28 Simple Mitigation Of Key Interception
6:13 Using Wireshark to Sniff the keys
7:39 Manually Using set-inform 8080/inform
9:25 Using Pixiedust to extract keys
10:03 What can you do with extracted keys
10:52 final thoughts on this
Видео Flaws In Ubiquiti UniFi’s Adoption Inform Protocol and How To Mitigate The Risk канала Lawrence Systems
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
The Homelab Show Episode 96: /dev/random & Live Q&A
VLOG Thursday 287: pfsense, Tailscale, UniFi, Errata, and Q&A
Sunday Live Q&A: Firewall Followup. Homelab Questions, And More!
VLOG Thursday 312: Amcrest Cameras, Forum Privacy, Synology, Errata, and Q&A
VLOG Thursday 272: VLAN Security,TrueNAS Snapshots, New Business Channel, Errata, and Q&A
The Homelab Show Episode 80: The Server Automation Mindset
VLOG Thursday 330: Open Source Logging, Tech Talk, and Live Q&A
New Studio Tour November 2022
My Content Creation Workflow
TrueNAS-SCALE 22.12.1 February 2023 Update
VLOG Thursday 237: New Studio, TrueNAS, UniFi and The Usual Errata
Xen Orchestra 5.70 OVA Export, Proxy Updates, Restore Check and Much More!
How to do Packet Loss And Latency Monitoring in pfsense
3CX VOIP Compromised in March 2023 Supply Chain Attack
Updated pfsense Patch Package
Security Incident Using Huntress & SentinelOne: What Was Found & What Was Missed 🚨
Why Are SMB File Transfers Slow Over A VPN?
How To Troubleshoot and Diagnose Networking Issues Using pfsense
Protect Your Data, Replicate You Data, & Recover Quickly From Ransomware Using Synology Snapshots
Remote Command Execution pfsense pfblocker ⚠️CVE2022-31814
pfsense: Blocking Threats With pfblockerNG Lists