User:TheRSnakeShow/sandbox

From Wikipedia, the free encyclopedia
Robert Hansen
Nationality: United States of America
Other names: RSnake
Occupation(s): Computer security researcher, CTO, entrepreneur
Known for: Discovering Slowloris (computer security), Clickjacking, Content Security Policy
Website: rsnake.com

Robert Hansen, also known as RSnake, is an American computer hacker, executive and entrepreneur. He was the founder and CEO of SecTheory and is the CTO of Bit Discovery. [1] He has previously worked at eBay, WhiteHat Security (now NTT), Cable & Wireless plc America, ValueClick and Silicon Alchemy. He founded the ha.ckers.org web application security lab.

RSnake is best known for his security research and disclosures, such as Slowloris (computer security), Clickjacking, the Fierce DNS enumeration tool, XSS filter evasion, DNS Rebinding, Content Security Policy and Python NaN Injection.

Education

RSnake studied computer engineering at California State University, Chico. At CSU Chico, the computer engineering degree was a hybrid degree mixing computer science and electrical engineering.

WebFringe.com

While at Chico State University, RSnake started webfringe.com, a site that was designed to fix the issues with the second webring on the Internet, called "the Fringe of the Web", which had been started by a hacker calling himself "Bronc Buster". RSnake built a self-healing top 100 list to keep the few hacking sites on the Internet interconnected. The issue with webrings was that when enough sites went offline the webrings tended to break, whereas top 100 lists only showed sites with actual traffic flowing to them. [2] [3]

EHAP

While attending CSU Chico, in June of 2016, RSnake co-founded a nonprofit organization named EHAP (Ethical Hackers Against Pedophilia), which included other hackers such as Genocide2600. [4] EHAP purported to be responsible for uncovering the identities of a number of online pedophiles and associated groups. [5] [6]

Career

Silicon Alchemy

While at Silicon Alchemy, where he was the Chief Operations Officer, he worked with Bronc Buster on architectural designs for software called Peekabooty, which was a precursor to Tor (network). [3]

RSnake also gave his first public speech at the Black Hat Briefings in Las Vegas, NV in 2001 on hardening of .htaccess files based on his experiences identifying and thwarting automated brute force attacks. [7]

Cable & Wireless America

RSnake joined Digital Island, which was merged with Exodus Communication and eventually turned into Cable & Wireless America. He began his career at the company as a programmer and left as a product manager. While at Cable & Wireless America, RSnake worked with Jeremiah Grossman to create intranet port hacking, a technique by which the browser's internal access to a network is a conduit for malicious HTML and JavaScript to attack internal resources. [8] [4]

EBay Inc

RSnake was the Sr. Global Product Manager of Trust and Safety at eBay. During his time there, he invented the idea of Content Security Policy as a means to defeat stored cross site scripting. During his tenure at eBay, RSnake founded ha.ckers.org, a hacker-centric web application security lab.

SecTheory

RSnake co-founded SecTheory LLC in Austin, Texas, where he continued doing Internet security research while consulting. He began by attacking the authentication system at Acutrust using entropy attacks. [2] The XSS cheatsheet was designed to evade filters that might prevent attackers from injecting Cross Site Scripting. [2]

RSnake worked on two DNS-related projects: DNS rebinding research [9] and the Fierce DNS enumeration tool that was capable of using brute force enumeration to identify assets of a target domain in 2009. [2]

Adding to the groundswell of intranet port scanning research, RSnake introduced the concept of RFC1918 cache poisoning, which used the browser's cache and overlapping RFC1918 space to compromise networks that an adversary would not normally have access to. [3]

RSnake built a denial of service tool called Slowloris (computer security), which used partially complete HTTP requests in parallel to deny service to Apache websites. Slowloris was used during the 2009 Iranian presidential election protests to take down leadership websites. [9]

Shortly thereafter, RSnake and Jeremiah Grossman co-authored a new exploit class called Clickjacking. [9] [10]

RSnake and James Flom co-created Falling Rock Networks, which was a productized version of ha.ckers.org's hardware and software stack, which heavily utilized Berkeley Software Distribution Chroot jails. [10]

In 2010, during his time analyzing HTTPS, RSnake and Josh Sokol presented at the Black Hat Briefings a collection of two dozen HTTPS side channel attacks in a presentation dubbed "HTTPS can Byte Me". [9] Shortly thereafter, in December 2010, RSnake wrote his 1000th blog post and officially ended his blogging on ha.ckers.org. [2]

In 2012 RSnake, by way of SecTheory, was involved in the DFIR work after Anonymous hacked Stratfor. [11]

In 2013 Tom Stracener and RSnake co-presented at the DEF CON security conference in Las Vegas, NV on the topic of "Xploiting Google Gadgets: Gmalware and Beyond". [9] The attack used malicious Google Gadgets to phish users and leak sensitive information. After this talk RSnake joined the Black Hat Briefings speaker review board. [7]

While running SecTheory with RSnake, James Flom located a Carnivore (software) device in their network, which ultimately led RSnake to file a FOIA request. The CIA gave a Glomar response. [9] On RSnake's Facebook page, he said that the FBI on the other hand “said that my case file was 469 pages, of which they were going to delete 419 before they even sent it to me. That left 50 pages. Those 50 pages though, were just the boilerplate case file and every single page is 100% redacted.”

SecTheory was officially handed over to James Flom in 2013 to run the company after the subprime mortgage crisis, which had a large financial impact on the consulting practice. [3]

WhiteHat Security (Nippon Telegraph and Telephone)

Jeremiah Grossman hired RSnake to be a director of product management, and he was quickly promoted to the title of Vice President of Labs, where he helped launch Aviator, which was a short-lived privacy-focused alternative to Google Chrome. [12]

During his tenure at WhiteHat, RSnake issued a warning on VICE Cyberwar about Anonymous having been compromised by nation states. [13] Subsequently, RSnake explained how he knew that to be true in a conversation with Mike Jones on the H4unt3d Hacker podcast. [9]

RSnake began to collect magic hashes, which allow adversaries to use collisions to break into web applications when certain types of numerics are used in comparison with existing hashes and those hashes evaluate to 0. [14]

In 2015 RSnake downloaded the North Korean Red Star OS and ran tests to identify issues with the Nanera browser, which led to understanding that the entirety of North Korea is using RFC1918 address space. [4]

OutsideIntel/Bit Discovery

In 2018 Bit Discovery acquired RSnake's corporate intelligence platform, OutsideIntel. In 2021, RSnake created a new type of attack called NaN Injection within Python. [1] NaN refers to "Not a Number", which, when injected, potentially allows an adversary to do many different dangerous things, such as privilege escalation, denial of service, incorrect comparison operations and more.
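
An added example, not taken from the original page or from Hansen's own research, of the "incorrect comparison operations" effect described above: a NaN value passes a reject-if-out-of-range check in Python, shown next to a check and a parser that fail closed. The withdrawal rule, the balance, the request body and the use of the json module as the entry point are assumptions constructed for illustration.

```python
import json
import math

# Constructed request body. Python's json module accepts the non-standard
# literal NaN by default and returns float("nan") for it.
SAMPLE_BODY = '{"account": "alice", "amount": NaN}'

BALANCE = 100.0  # hypothetical account balance


def naive_withdraw_allowed(amount, balance=BALANCE):
    """Reject-if-bad range check. Every ordered comparison with NaN is False,
    so neither rejection branch fires and NaN is allowed."""
    if amount <= 0:
        return False
    if amount > balance:
        return False
    return True


def strict_withdraw_allowed(amount, balance=BALANCE):
    """Same rule, but wrong types and non-finite floats fail closed first."""
    if isinstance(amount, bool) or not isinstance(amount, (int, float)):
        return False
    if isinstance(amount, float) and not math.isfinite(amount):
        return False
    return 0 < amount <= balance


def reject_constant(name):
    """json parse_constant hook: called for NaN, Infinity and -Infinity."""
    raise ValueError(f"non-finite JSON constant rejected: {name}")


def parse_strict(body):
    """Parse JSON and refuse non-finite number literals at the boundary."""
    return json.loads(body, parse_constant=reject_constant)


if __name__ == "__main__":
    amount = json.loads(SAMPLE_BODY)["amount"]
    print("parsed:", amount, "| equals itself:", amount == amount)
    print("naive check allows it:", naive_withdraw_allowed(amount))
    print("strict check allows it:", strict_withdraw_allowed(amount))
    try:
        parse_strict(SAMPLE_BODY)
    except ValueError as exc:
        print("strict parser:", exc)
```
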

Controversies

"10 Fucking Days"

RSnake was involved in the "10 fucking days" imbroglio, where Mike Shaver allegedly promised that he could fix any vulnerability in Mozilla's Firefox browser within 10 days. RSnake published this incredulously, which caused community backlash against Mozilla, as this was seen as a challenge of sorts. The situation ultimately led to a recanting of this policy by Mozilla. [15]

Windows Help Centre Vulnerability

Tavis Ormandy, a Google employee, found an issue within Windows Help Centre and disclosed it publicly without going through the responsible disclosure process. On his blog, RSnake challenged Google to follow its own rules and fire Tavis Ormandy or stop requiring other hackers to follow responsible disclosure rules. This led to backlash on RSnake's blog from the industry, who felt that RSnake was unfairly calling Tavis out and that the exploit was not Google sponsored, despite the evidence that Tavis worked for Google and coordinated the disclosure with his manager, Michal Zalewski. [2] Google eventually capitulated by starting Project Zero, which largely solved the issue of how Google dealt with third-party vulnerability disclosures. RSnake ultimately stopped writing on his blog in part due to the incident. [3]

Hack The Pentagon

After being invited into the Hack the Pentagon program run by HackerOne, RSnake was apparently almost arrested by the United States Department of Defense for going out of scope during the reconnaissance phase of the government-sanctioned penetration test. The arrest never took place, presumably due to pressure from the US Digital Services to save face. This led to a change of policy that now allows hackers to safely disclose vulnerabilities that they may find in the DoD without fear of retribution. [9]

Works

  • Fogie, Seth; Grossman, Jeremiah; Hansen, Robert; Rager, Anton; Petkov, Petko (2007). XSS Attacks: Cross Site Scripting Exploits and Defense (1 ed.). Rockland, MA: Syngress. ISBN 978-1597491549.
  • Hansen, Robert (2009). Detecting Malice (1 ed.). Austin, TX: Self-publishing. ISBN 978-0-557-18733-1.

References

  1. Grossman, Jeremiah. "Bit Discovery About".
  2. Hansen, Robert. "The Chilling Effect".
  3. Fisher, Dennis. "How I Got Here: Robert "RSnake" Hansen".
  4. Hansen, Robert. "EHAP FAQ".
  5. Csencsits, Sonia. "COMPUTER CHILD PORN FIGHTERS FOLLOW RULES * THE GROUP LED POLICE TO A BETHLEHEM MAN".
  6. Radcliff, Deborah. "Hacking away at kiddie porn".
  7. "Blackhat 2001 Speakers".
  8. Grossman, Jeremiah. "Hacking Intranet Website from the Outside".
  9. Hansen, Robert. "DNS Rebinding".
  10. Hansen, Robert. "ClickJacking".
  11. Knapp, Alex. "Stratfor Back Online; CEO Decries Hacking As Censorship".
  12. Scharr, Jill. "Aviator: Hands-On With the Most Secure Web Browser".
  13. Makuch, Ben. "VICE Cyberwar S1E1".
  14. Hansen, Robert. "Magic Hashes".
  15. Snyder, Window. "Mike Shaver Ten Days and Expletives".