Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Hacking Team & pfSense

    Scheduled Pinned Locked Moved Off-Topic & Non-Support Discussion
    27 Posts 10 Posters 5.9k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N Offline
      n3by
      last edited by

      Hi,

      I just browsed on WikiLeaks in Hacking Team emails and I did a search for pfSense, they was monitoring exploits for everything, nothing more found yet.

      https://www.wikileaks.org/hackingteam/emails/emailid/82488
      https://www.wikileaks.org/hackingteam/emails/emailid/378569

      one is from 2014
      E-371 - pfSense Snort File Disclosure

      and one from 2015.
      VulnerabilityCVE-2015-2097alert4.0.0medium37662ESF pfSense WebGUI Deletefile Directory Traversal

      1 Reply Last reply Reply Quote 0
      • jdillardJ Offline
        jdillard
        last edited by

        Search found 52 results: https://www.wikileaks.org/hackingteam/emails/?q=pfsense&mfrom=&mto=&title=¬itle=&date=&nofrom=¬o=&count=50&sort=0#searchresult

        1 Reply Last reply Reply Quote 0
        • ? This user is from outside of this forum
          Guest
          last edited by

          I spent half a day last week looking at the "Virginia" keyword doc's. What this is a fascinating insight to a skumbag world.

          1 Reply Last reply Reply Quote 0
          • K Offline
            kejianshi
            last edited by

            I'd be much happier if these guys would just spend our tax dollars browsing porn all day.  At least thats not destructive in any way.

            1 Reply Last reply Reply Quote 0
            • jahonixJ Offline
              jahonix
              last edited by

              Whom do you mean - Hacking Team or Wikileaks?
              I don't think any of them are getting tax$.

              1 Reply Last reply Reply Quote 0
              • D Offline
                doktornotor Banned
                last edited by

                Hacking Team? Sure they were getting money from taxes. Our (Czech) police, e.g., has spent millions of $ licensing/purchasing this illegal shit.

                1 Reply Last reply Reply Quote 0
                • K Offline
                  kejianshi
                  last edited by

                  They have branches in Annapolis Maryland…

                  I think Annapolis is a brisk walk from NSA...  You could jog it for exercise.

                  1 Reply Last reply Reply Quote 0
                  • S Offline
                    Supermule Banned
                    last edited by

                    Its about 26km's…. I'll be a bit sweaty I must admit...

                    1 Reply Last reply Reply Quote 0
                    • K Offline
                      kejianshi
                      last edited by

                      Yeah.  Its a 15 minute drive….

                      Coincidence I'm sure.  Probably nothing.

                      1 Reply Last reply Reply Quote 0
                      • S Offline
                        Supermule Banned
                        last edited by

                        I agree. Offices at Regus…

                        I wonder why they couldnt find an office closer since they waste 15 mins each way :D

                        1 Reply Last reply Reply Quote 0
                        • K Offline
                          kejianshi
                          last edited by

                          The wikipedia page says they sell to governments and police.  Doesn't take a genius to figure out why they would be in Annapolis.

                          1 Reply Last reply Reply Quote 0
                          • ? This user is from outside of this forum
                            Guest
                            last edited by

                            Come on, You don't think they had something going on with the Navy do you -Shock- You wouldn't set up shop in Annopolis then move to Dulles for nothing. Call it contract graduation. From the office of naval research(Or maybe the NA) to Tysons Corner. Payola.
                            Until someone throws a pie in your face!!!…

                            1 Reply Last reply Reply Quote 0
                            • ? This user is from outside of this forum
                              Guest
                              last edited by

                              To me the sketchy middleman they used for gov sales is the icing on the cake. Hiring a PI to checkout your partner. Classic.

                              1 Reply Last reply Reply Quote 0
                              • ? This user is from outside of this forum
                                Guest
                                last edited by

                                I guess you could say Vice got the scoop on this before the hack.

                                http://motherboard.vice.com/read/the-dea-has-been-secretly-buying-hacking-tools-from-an-italian-company

                                I wonder how this got out..
                                https://s3.amazonaws.com/s3.documentcloud.org/documents/2157703/150224-project-patti-final-report.pdf
                                The PI report on the middleman..

                                1 Reply Last reply Reply Quote 0
                                • N Offline
                                  n3by
                                  last edited by

                                  To be honest I have no problems with this HT company product in a real Democracy if the Governments obey the Law; now the real problem is that code source it is free and it is taken and changed by all scumbags that will target everybody just to steal data/money.

                                  RCS ( from their emails ) it monitor only the targeted user and not the whole computer even if that computer have more users created, you need license for each user monitored on a computer and not for one computer monitored… this is/was a real issue for governments that don't obey the law or are tight on budget and also an obstacle for their sales.

                                  Lots of governments ( even in EU - ex communist countries ) that have complete control over secret services already have this kind of sw bought, stolen or developed by their experts and they target the whole computer or infrastructure ( LAN, Forums... ) and not only one target user.

                                  p.s.
                                  All IT Corporation ( Google, MS, Apple... ) are doing more or less almost the same business ( Track and Sell ) but difference is that people are happy to use and install their product.

                                  1 Reply Last reply Reply Quote 0
                                  • N Offline
                                    n3by
                                    last edited by

                                    Something interesting to watch:

                                    https://youtu.be/4BTTiWkdT8Q

                                    1 Reply Last reply Reply Quote 0
                                    • ? This user is from outside of this forum
                                      Guest
                                      last edited by

                                      They need to come out with a version of Windows called Zero Day and spin it in some good way…

                                      1 Reply Last reply Reply Quote 0
                                      • K Offline
                                        kejianshi
                                        last edited by

                                        Windows issues tons of Zero-Day updates…  sooooooo....

                                        1 Reply Last reply Reply Quote 0
                                        • jimpJ Offline
                                          jimp Rebel Alliance Developer Netgate
                                          last edited by

                                          @Phishfry:

                                          They need to come out with a version of Windows called Zero Day and spin it in some good way…

                                          They're about to come out with Windows one-zero (day). :-)

                                          The "day" is silent…

                                          Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                                          Need help fast? Netgate Global Support!

                                          Do not Chat/PM for help!

                                          1 Reply Last reply Reply Quote 0
                                          • N Offline
                                            n3by
                                            last edited by

                                            I found this Snort rule for detecting Adobe exploit from Rook Security:
                                            https://www.rooksecurity.com/hacking-team-malware-detection-utility/

                                            alert tcp $EXTERNAL_NET any >
                                            $HOME_NET any (msg:"CVE20155122:
                                            Adobe Flash Exploit (Memory Corruption)";
                                            flow:from_server,established; content:"|43 57 53|"; content:"|c9 66
                                            3d 21 24 49 68 69 69 39 12 61 04 4a 49 4e|"; offset:127; sid:9931892;
                                            rev:2;
                                            

                                            anybody can post a link ( or make a quick one ) to a tutorial how to add this custom rule in Snort / Suricata ?

                                            thank you.

                                            1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.