hacking secondlife
play

Hacking SecondLife Michael Thumann Hacking SecondLife by Michael - PowerPoint PPT Presentation

Jan 09, 2024 •215 likes •692 views

Hacking SecondLife Michael Thumann Hacking SecondLife by Michael Thumann 2/24/08 1 Disclaimer Everything you are about to see, hear, read and experience is for educational purposes only. No warranties or guarantees implied or

  1. Hacking SecondLife™ Michael Thumann Hacking SecondLife™ by Michael Thumann 2/24/08 1

  2. Disclaimer Everything you are about to see, hear, read and experience is for educational purposes only. No warranties or guarantees implied or otherwise are in effect. Use of these tools, techniques and technologies are at your own risk. Hacking SecondLife™ by Michael Thumann 2/24/08 2/24/08 2 2

  3. #whoami  Head of Research & Chief Security Officer, ERNW GmbH  Talks and Publications:  “Hacking the Cisco NAC Framework”, Sector, Toronto, November 2007  “Hacking SecondLife”, Daycon, Dayton 2007  “Hacking Cisco NAC”, Hack-in-the-Box, Kuala Lumpur, 2007  “NAC@ACK”, Blackhat-USA, Las Vegas, 2007  “NAC@ACK”, Blackhat-Europe, Amsterdam, 2007  “More IT-Security through PenTests”, Book published by Vieweg 2005  What I like to do  Breaking things ;-) and all that hacking ninjitsu  Diving (you would be surprised what IT-Security lessons you can learn from diving)  Contact Details:  Email: mthumann@ernw.de  Web: http://www.ernw.de Hacking SecondLife™ by Michael Thumann 2/24/08 2/24/08 3 3

  4. #whois ERNW GmbH  Founded in 2001  Based in Heidelberg, Germany (+ small office in Lisbon, PT)  Network Consulting with a dedicated focus on InfoSec  Current force level: 15 employees  Key fields of activity:  Audit/Penetration-Testing  Risk-Evaluation & -Management, Security Management  Security Research  Our customers: banks, federal agencies, internet providers/ carriers, large enterprises Hacking SecondLife™ by Michael Thumann 2/24/08 4

  5. Agenda  Part 1 – Why to hack Online Games  Part 2 – SecondLife ™ Architecture  Part 3 – Hacking the Game  Part 4 – Attacks from the Virtual World  Part 5 – Showtime Hacking SecondLife™ by Michael Thumann 2/24/08 5

  6. Part 1 – Why to hack Online Games Hacking SecondLife™ by Michael Thumann 2/24/08 6

  7. Why to hack Online Games  Cheating is much more easier than spending long time to reach the next level, earning points, money or whatever  Because watching tv or hacking yet another web server is boring  It’s fun  To show that we can do it  To give cool talks, you will see it will be pretty cool  Because there are marketplaces where you make real money out of it and I would like to be rich *justkidding*  And to improve security, because the threats are real and exploiting online games gets more common Hacking SecondLife™ by Michael Thumann 2/24/08 7

  8. Why SecondLife ™ ?  Many people are playing SecondLife ™  There’s a Scripting Language in SecondLife ™ , do you know LSL (Linden Scripting Language) ?  Because you can attack real world systems out of the virtual world  Identity Theft looks sooo pretty easy in SecondLife ™  Identity Theft gives you all their damned Linden Dollars  Current change rate L$ 230 = US$ 1  Hacking SecondLife™ by Michael Thumann 2/24/08 8

  9. Part 2 – SecondLife™ Architecture Hacking SecondLife™ by Michael Thumann 2/24/08 9

  10. SecondLife ™ Components  Login Server: Handles authentication, determines login region and finds corresponding Simulator  User Server: Handles instant messaging sessions  Data Server: Handles connections to the central database, log database, inventory database and search database  Space Server: Handles routing of messages based on grid locations. Simulators register here and get information about their neighbors Hacking SecondLife™ by Michael Thumann 2/24/08 10

  11. SecondLife ™ Components  Central Database: Inventory, Billing etc.  Simulator: Each simulator process simulates one 256x256 meter region of the virtual world  Grid: The virtual world based on simulators  Viewer: The Game Client  Avatar: Your Second Life Character Hacking SecondLife™ by Michael Thumann 2/24/08 11

  12. SecondLife ™ Architecture The Grid Second Life Second Life Second Life Second Life Simulator Simulator Simulator Simulator Second Life Second Life Second Life Second Life Simulator Simulator Simulator Simulator SL Viewer Login Server Data Server User Server Space Server Central Central Central Central DB Server DB Server DB Server DB Server Hacking SecondLife™ by Michael Thumann 2/24/08 12

  13. Part 3 – Hacking the Game Hacking SecondLife™ by Michael Thumann 2/24/08 13

  14. Threat Analysis with STRIDE  Spoofing Identity  Tampering with Data  Repudiation  Information Disclosure  Denial of Service  Elevation of Privileges Hacking SecondLife™ by Michael Thumann 2/24/08 14

  15. Interesting Points of Attack The Grid Second Life Second Life Second Life Second Life Simulator Simulator Simulator Simulator  Second Life Second Life Second Life Second Life Simulator Simulator Simulator Simulator SL Viewer Login Server  Data Server User Server Space Server Central Central Central Central DB Server DB Server DB Server DB Server   Hacking SecondLife™ by Michael Thumann 2/24/08 15

  16. Threat Analysis with STRIDE 1. Spoofing Identity (Identity Theft) / Tampering with Data (Cheating) 2. Spoofing Identity (Identity Theft) 3. Repudiation (Billing) / Tampering with Data (increase your L$) Hacking SecondLife™ by Michael Thumann 2/24/08 16

  17. The Viewer  Let’s focus on the viewer, cause attacking Linden Lab’s Systems is illegal   Luckily the source is available (the viewer is Open Source), so we can find out how the stuff is working  And we can modify everything we want and build our own client   So what can we do: Identity Theft and Cheating Hacking SecondLife™ by Michael Thumann 2/24/08 17

  18. The Viewer – Identity Theft  We need Username and Password  You can find everything you want in “\Documents and Settings\<WinUser>\Application Data\SecondLife”  There’s a directory named “firstname_lastname” of your SL account  If the password is saved, you can find it in the subdirectory “user_settings” in the file “password.dat”  … and you need the MAC Address of the victim system too (you still remember commands like “ipconfig /all” and how to enter them at a commandline  ?) Hacking SecondLife™ by Michael Thumann 2/24/08 18

  19. Password Encryption MAC Address MD5 Hash of password Linden Lab XOR Cipher Saved in password.dat if “Remember“ is enabled Hacking SecondLife™ by Michael Thumann 2/24/08 19

  20. Password Cracking  The Viewer uses standard MD5  The MD5 Hash is xored with the MAC Address  Time to build a SL password cracker?  Or just use tools like md5crack or mdcrack  Hacking SecondLife™ by Michael Thumann 2/24/08 20

  21. Vulnerabilities in SecondLife ™ Hacking SecondLife™ by Michael Thumann 2/24/08 21

  22. Cheating – Main Goals  Try to find out where the inventory is located and if you are able to modify it (change your amount of L$)  Find any kind of magic key sequences built in like typing “wanttoberich” and get rich  or getting into “GodMode” (I am Avatar Allmighty) that is reserved for Linden employees  Automate stupid and boring things while playing (not relevant at a first glance, but what about an Avatar that automatically builds objects in a sandbox area and then tries to sell them to other people?) Hacking SecondLife™ by Michael Thumann 2/24/08 22

  23. Cheating – What to do  Reverse engineer the game client (but why, we have the source code  )  Look at different memory locations for interesting Data  Sniff the network traffic  Modify the Game Client to fit your needs (add some nice logging capabilities for example)  Attack the game environment (illegal !!!) Hacking SecondLife™ by Michael Thumann 2/24/08 23

  24. Cheating – Memory Hacking SecondLife™ by Michael Thumann 2/24/08 24

  25. Cheating – Sniffing Hacking SecondLife™ by Michael Thumann 2/24/08 25

  26. The Viewer – 1 st Conclusion  I don’t say that SL is secure!!!  At least the developers spend some of their time to audit the source code automatically using the tool flawfinder  The password, if saved, is encrypted with a “key” from the user system  Important Data is stored in the Central Database and not on the viewer system, so it’s not subject to tampering  Patching of the viewer is enforced by Linden Labs (that kicked my password stealing demo, sorry guys)  I have seen worse things Hacking SecondLife™ by Michael Thumann 2/24/08 26

  27. Security@LindenLabs  The environment uses Apache and Squid on Debian Linux (sounds good, if you still believe that Linux is secure)  Reverse proxy concepts are used  Login is done via HTTPS Hacking SecondLife™ by Michael Thumann 2/24/08 27

  28. Environment https://66.150.244.178/favicon.ico GET /favicon.ico HTTP/1.0 Host: 66.150.244.178 … Connection: keep-alive HTTP/1.x 404 Not Found Date: Sat, 13 Oct 2007 03:28:32 GMT Server: Apache/2.0.54 (Debian GNU/Linux) mod_auth_kerb/5.0-rc6 DAV/2 SVN/ 1.4.2 mod_jk2/2.0.4 mod_ssl/2.0.54 OpenSSL/0.9.7e mod_perl/1.999.21 Perl/v5.8.4 … X-Cache: MISS from login7.agni.lindenlab.com X-Cache-Lookup: MISS from login7.agni.lindenlab.com:80 Via: 1.0 login7.agni.lindenlab.com:80 (squid/2.6.STABLE12) Hacking SecondLife™ by Michael Thumann 2/24/08 28

  29. Does this server look secure? Hacking SecondLife™ by Michael Thumann 2/24/08 29

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Cray XT in SecondLife By Jason Tan, Western Australian Supercomputer Program at The University

Cray XT in SecondLife By Jason Tan, Western Australian Supercomputer Program at The University

Cray XT in SecondLife By Jason Tan, Western Australian Supercomputer Program at The University of Western Australia HPC - Cray XT: Marron Other Resources SecondLife 3D Virtual Environment Linden Labs Avatar Build

163 views • 14 slides
ETHICAL HACKING Daniel Cloherty CAN HACKING BE ETHICAL? What makes hacking ethical?

ETHICAL HACKING Daniel Cloherty CAN HACKING BE ETHICAL? What makes hacking ethical?

ETHICAL HACKING Daniel Cloherty CAN HACKING BE ETHICAL? What makes hacking ethical? Legality VS Ethics State Sanctioned hacking BLACK HAT - Stereotypical Hacker -Stealing data for personal gain -Obviously not ethical -Using

1.17k views • 10 slides
Hacking Reinforcement Learning Guillem Duran Ballester Guillemdb @Miau_DB A tale about hacking

Hacking Reinforcement Learning Guillem Duran Ballester Guillemdb @Miau_DB A tale about hacking

Hacking Reinforcement Learning Guillem Duran Ballester Guillemdb @Miau_DB A tale about hacking AI-Corp Hacking RL 1. Information gathering 2. Scanning 3. Exploitation &amp; privilege escalation 4. Maintaining access &amp; covering tracks

960 views • 62 slides
Opening session Bled, September 7, 2009 ECML PKDD in SecondLife For the first time, ECML PKDD

Opening session Bled, September 7, 2009 ECML PKDD in SecondLife For the first time, ECML PKDD

Opening session Bled, September 7, 2009 ECML PKDD in SecondLife For the first time, ECML PKDD present in a virtual world Opening and Awards ceremony and the invited talk by Rosie Jones broadcast in real time to a virtual conference

576 views • 47 slides
Drone Hacking Basics Intro to UAS Architectures, Attack Vectors and RF Hacking Matt Koskela June

Drone Hacking Basics Intro to UAS Architectures, Attack Vectors and RF Hacking Matt Koskela June

Drone Hacking Basics Intro to UAS Architectures, Attack Vectors and RF Hacking Matt Koskela June 15, 2017 Outline Drone Architectures RF Basics Information Gathering RF Hacking Tools Exploits &amp; Demos Q&amp;A Why? Wrights Law

485 views • 27 slides
Hacking, Hacktivism, and Counterhacking April 22, 2015 Outline Vocabulary Hacking motivated by

Hacking, Hacktivism, and Counterhacking April 22, 2015 Outline Vocabulary Hacking motivated by

Hacking, Hacktivism, and Counterhacking April 22, 2015 Outline Vocabulary Hacking motivated by benign purposes Hacktivism Counterhacking Case Studies Site defacement Network exploration / Port scanning / SQL injection / . . .

522 views • 18 slides
Hacking Copenhagen ITS World Congress, Copenhagen 2018 Hacking Copenhagen Digitalising (life in)

Hacking Copenhagen ITS World Congress, Copenhagen 2018 Hacking Copenhagen Digitalising (life in)

ECF gratefully acknowledges financial support from the European Commission. Hacking Copenhagen ITS World Congress, Copenhagen 2018 Hacking Copenhagen Digitalising (life in) the city of Copenhagen using bicycles. Bicycle-as-a-Sensor 1.

278 views • 11 slides
Hands-On Ethical Hacking and Network Defense Second Edition Chapter 10 Hacking Web Servers

Hands-On Ethical Hacking and Network Defense Second Edition Chapter 10 Hacking Web Servers

Hands-On Ethical Hacking and Network Defense Second Edition Chapter 10 Hacking Web Servers Objectives After reading this chapter and completing the exercises, you will be able to: Describe Web applications Explain Web application

530 views • 9 slides
Pulp Google Hacking The Next Generation Search Engine Hacking Arsenal 3 August 2011 Black Hat

Pulp Google Hacking The Next Generation Search Engine Hacking Arsenal 3 August 2011 Black Hat

Pulp Google Hacking The Next Generation Search Engine Hacking Arsenal 3 August 2011 Black Hat 2011 Las Vegas, NV Presen sented ed b by: Francis Brown Rob Ragan Stach &amp; Liu, LLC www.stachliu.com Agenda O V E R V I E W

1.07k views • 72 slides
ZIGDIGGITY ZIGBEE HACKING TOOLKIT AUGUST 7-11, 2019 http://zigdiggity.c om NEW ZIGBEE HACKING

ZIGDIGGITY ZIGBEE HACKING TOOLKIT AUGUST 7-11, 2019 http://zigdiggity.c om NEW ZIGBEE HACKING

ZIGDIGGITY ZIGBEE HACKING TOOLKIT AUGUST 7-11, 2019 http://zigdiggity.c om NEW ZIGBEE HACKING TOOLKIT FREE, OPEN-SOURCE WHAT IS ZIGDIGGITY??? + = RaspBee radio + Raspberry Pi ZigDiggity - GitHub Code http://zigdiggity.com BISHOPFOX

617 views • 23 slides
Hacking C# CONTACT@ADAMFURMANEK.PL HTTP://BLOG.ADAMFURMANEK.PL FURMANEKADAM 1 19.08.2020

Hacking C# CONTACT@ADAMFURMANEK.PL HTTP://BLOG.ADAMFURMANEK.PL FURMANEKADAM 1 19.08.2020

Hacking C# CONTACT@ADAMFURMANEK.PL HTTP://BLOG.ADAMFURMANEK.PL FURMANEKADAM 1 19.08.2020 HACKING C# - ADAM FURMANEK About me Experienced with backend, frontend, mobile, desktop, ML, databases. Blogger, public speaker. Author of .NET

481 views • 37 slides
Ethical Hacking Finse 2019 Cyber Security Winter school Universitetet i Oslo Laszlo Erddi

Ethical Hacking Finse 2019 Cyber Security Winter school Universitetet i Oslo Laszlo Erddi

Ethical Hacking Finse 2019 Cyber Security Winter school Universitetet i Oslo Laszlo Erddi From Myself Associate Professor at UiO Teaching Ethical Hacking since 2012 Lecturer of the IN5290 Ethical Hacking at UiO Leader

878 views • 66 slides
Innovation through the www.linkedin.com/pulse/climate-change-healthcare-lucien- hacking

Innovation through the www.linkedin.com/pulse/climate-change-healthcare-lucien- hacking

CLIMATE CHANGE IN HELTHCARE : Driving Innovation through the www.linkedin.com/pulse/climate-change-healthcare-lucien- hacking engelen GIB DE MEDEIROS, PH.D. Digital Hospital Transformation Forum at HIC 2017 Brisbane, Australia HACKING

644 views • 27 slides
Hacking Telco equipment The HLR/HSS Laurent Ghigonis Security researcher at P1 Security Hacking

Hacking Telco equipment The HLR/HSS Laurent Ghigonis Security researcher at P1 Security Hacking

Hacking Telco equipment The HLR/HSS Laurent Ghigonis Security researcher at P1 Security Hacking Telco equipment: The HLR/HSS Laurent Ghigonis P1 Security 2014, Hackito Ergo Sum - Security Conference What are we talking about ? A mobile

724 views • 59 slides
Hacking in Popular Culture Week 2 Frank Chen | Spring 2017 Agenda Administrative Review

Hacking in Popular Culture Week 2 Frank Chen | Spring 2017 Agenda Administrative Review

Mr. Robot, an Emmy Award-winning TV drama starring a vigilante hacker CS 88S Hacking in Popular Culture Week 2 Frank Chen | Spring 2017 Agenda Administrative Review last weeks material Hack Hollywood Hacking: The Good, The

718 views • 45 slides
Hacking Russia: Inside an Hacking Russia: Inside an unprecedented prosecution of organized

Hacking Russia: Inside an Hacking Russia: Inside an unprecedented prosecution of organized

Hacking Russia: Inside an Hacking Russia: Inside an unprecedented prosecution of organized cybercrime Joseph Menn Agenda Agenda Why Russia matters (and differs from China) Why Russia matters (and differs from China) How three hackers got

557 views • 12 slides
Jukebox:Low-fi Prototyping and Testing Overview Designs Mission Testing and and Statement

Jukebox:Low-fi Prototyping and Testing Overview Designs Mission Testing and and Statement

Jukebox:Low-fi Prototyping and Testing Overview Designs Mission Testing and and Statement Results Prototype 2 Mission Statement 1 3 4 Help people be happier in places they spend and empower them to get to their perfect environment

277 views • 26 slides
Create Your Client Avatar ANGIE WEBER CONSULTING Hello. GET DOWN TO BUSINESS In one sentence,

Create Your Client Avatar ANGIE WEBER CONSULTING Hello. GET DOWN TO BUSINESS In one sentence,

Create Your Client Avatar ANGIE WEBER CONSULTING Hello. GET DOWN TO BUSINESS In one sentence, what do you do? What is your WHY for doing what you do every.single.day? What values do you run your company by? How do you solve

466 views • 31 slides
3 Steps to Creating Memorable &amp; Effective Content Create the right content for your

3 Steps to Creating Memorable &amp; Effective Content Create the right content for your

3 Steps to Creating Memorable &amp; Effective Content Create the right content for your audience! 1 C2017 Outridge Enterprises Inc 3 Steps to Creating Memorable &amp; Effective Content What You Will Learn Step 1-Creating Your Program

251 views • 21 slides
IVY Project partners: Interpreter Education University of Surrey (co-ordinator, UK) in an

IVY Project partners: Interpreter Education University of Surrey (co-ordinator, UK) in an

Higher Education Academy Background Collaborative and innovative approaches to bringing technology into interpreter education classrooms Heriot-Watt University, 6 February 2014 IVY - Interpreting in Virtual Reality EVIVA - Evaluating the

271 views • 5 slides
FROM CHEAP TO AVATAR How Tele2 repositioned their brand on the swedish market Lotta Tjulin

FROM CHEAP TO AVATAR How Tele2 repositioned their brand on the swedish market Lotta Tjulin

FROM CHEAP TO AVATAR How Tele2 repositioned their brand on the swedish market Lotta Tjulin Thrnqvist Commercial Manager Schibsted Content Studio 1 Background AGENDA The Brief The challenge The solution The result 2 Change is

560 views • 13 slides
Three Poinciana Legal Actions Lawsuit Poinciana Homeowners vs APV, Avatar and Village 1 Case #

Three Poinciana Legal Actions Lawsuit Poinciana Homeowners vs APV, Avatar and Village 1 Case #

Three Poinciana Legal Actions Lawsuit Poinciana Homeowners vs APV, Avatar and Village 1 Case # 2015-CA-004499 Status: Ongoing DBPR Complaint Martin Negron vs APV Case # 2017-01-1731 Status: Assigned to Arbitrator Lawsuit Poinciana CDDs

156 views • 11 slides
U.S. Customs &amp; Border Protection Tucson Field Office James Tong Assistant Director Field

U.S. Customs &amp; Border Protection Tucson Field Office James Tong Assistant Director Field

U.S. Customs &amp; Border Protection Tucson Field Office James Tong Assistant Director Field Operations Tucson, Arizona Fiscal Year 2010 Daily Activities $7.4 million spent in Arizona by visitors from Mexico* $52 million in commercial

149 views • 11 slides
IVA Interactive Video Avatar (Toolkit for an interactive video for creating Avatar, simulator

IVA Interactive Video Avatar (Toolkit for an interactive video for creating Avatar, simulator

IBM - CVUT Student Research Projects IVA Interactive Video Avatar (Toolkit for an interactive video for creating Avatar, simulator etc.) Frantiek Kafka (kafkaf1@fel.cvut.cz) Lud k Krejzar (krejzl1@fel.cvut.cz) The aim of project the

732 views • 6 slides

More recommend