How To Hack Satellite Internet & Surf Anonymously How To Hack Satellite Internet & Surf Anonymously
  A Spanish researcher demos new satellite-hijacking tricks with cybercriminal potential. Satellites can bring a digital signal to places where the Internet seems like... How To Hack Satellite Internet & Surf Anonymously

 

A Spanish researcher demos new satellite-hijacking tricks with cybercriminal potential.

Satellites can bring a digital signal to places where the Internet seems like a miracle: off-the-grid desert solar farms, the Arctic or an aircraft carrier at sea. But in beaming data to and from the world’s most remote places, satellite Internet may also offer its signal to a less benign recipient: any digital miscreant within thousands of miles.

In a presentation at the Black Hat security conference in Arlington, Va., Tuesday, Spanish cybersecurity researcher Leonardo Nve presented a variety of tricks for gaining access to and exploiting satellite Internet connections. Using less than $75 in tools, Nve, a researcher with security firm S21Sec, says that he can intercept Digital Video Broadcast (DVB) signals to get free high-speed Internet. And while that’s not a particularly new trick–hackers have long been able to intercept satellite TV or other sky-borne signals–Nve also went a step further, describing how he was able to use satellite signals to anonymize his Internet connection, gain access to private networks and even intercept satellite Internet users’ requests for Web pages and replace them with spoofed sites.

“What’s interesting about this is that it’s very, very easy,” says Nve. “Anyone can do it: phishers or Chinese hackers … it’s like a very big Wi-Fi network that’s easy to access.”

In a penetration test on a client’s network, Nve used a Skystar 2 PCI satellite receiver card, a piece of hardware that can be bought on eBay ( EBAY – news – people ) for $30 or less, along with open source Linux DVB software applications and the network data analysis or “sniffing” tool Wireshark.

Exploiting that signal, Nve says he was able to impersonate any user connecting to the Internet via satellite, effectively creating a high-speed, untraceable anonymous Internet connection that that can be used for nefarious online activities.

Nve also reversed the trick, impersonating Web sites that a satellite user is attempting to visit by intercepting a Domain Name System (DNS) request–a request for an Internet service provider (ISP) to convert a spelled out Web site name into the numerical IP address where it’s stored–and sending back an answer faster than the ISP. That allows him to replace a Web site that a user navigates to directly with a site of his choosing, creating the potential for undetectable cybercrime sites that steal passwords or installs malicious software.

In his tests on the client’s network, Nve says he was also able to hijack signals using GRE or TCP protocols that enterprises use to communicate between PCs and servers or between offices, using the connections to gain access to a corporation or government agency’s local area network.

The Barcelona-based researcher tested his methods on geosynchronous satellites aimed at Europe, Africa and South America. But he says there’s little doubt that the same tricks would work on satellites facing North America or anywhere else.

What makes his attacks possible, Nve says, is that DVB signals are usually left unencrypted. That lack of simple security, he says, stems from the logistical and legal complications of scrambling the signal, which might make it harder to share data among companies or agencies and–given that a satellite signal covers many countries–could run into red tape surrounding international use of cryptography. “Each [country] can have its own law for crypto,” says Nve. “It’s easier not to have encryption at the DVB layer.”

Nve isn’t the first to show the vulnerability of supposedly secure satellite connections. John Walker, a British satellite enthusiast, told the BBC in 2002 that he could watch unencrypted NATO video feeds from surveillance sorties in the Balkans. And the same lack of encryption allowed insurgents to hack into the video feed of unmanned U.S. drone planes scouting Afghanistan, the Wall Street Journal reported in December.

In fact, the techniques that Nve demonstrated are probably known to other satellite hackers but never publicized, says Jim Geovedi, a satellite security researcher and consultant with the firm Bellua in Indonesia. He compares satellite hacking to early phone hacking or “phreaking,” a practice that’s not well protected against but performed by only a small number of people worldwide. “This satellite hacking thing is still considered blackbox knowledge,” he wrote in an e-mail to Forbes. “I believe there are many people out there who conduct similar research. They may have some cool tricks but have kept them secret for ages.”

At last year’s Black Hat D.C. conference, British cybersecurity researcher Adam Laurie demonstrated how he intercepts satellite signals with techniques similar to Nve, using a DreamBox satellite receiver and Wireshark. But Nve argues that his method is far cheaper–Laurie’s DreamBox setup cost around $750–and that he’s the first to demonstrate satellite signal hijacking rather than mere interception.

“I’m not just talking about watching TV,” says Nve. “I’m talking about doing some very scary things.”

 

 

At 12:57 PM, Anonymous satellite_hacker said…

Satellite hacking for fun isn’t cheap! One of the sessions I was really looking forward to ahead of the Black Hat DC event this year was Adam Laurie’s session titled – Satellite Hacking for Fun and Profit.

It’s a session that didn’t disappoint, Laurie is always entertaining, but it also revealed how much effort is actually required to try and get at satellite signals.

First off, Laurie prefaced his talk by noting that he wasn’t going to talk about hacking the actual satellite in space itself.

“I’m playing it safe and just looking at what is coming down,” Laurie told the Black Hat audience.

Instead what Laurie focused his talk on was something he called ‘Feed Hunting’ – that is looking for satellite feeds that are not supposed to be found. Laurie claimed that he has been doing satellite feed hunting for years – at least as far back as the untimely demise of the late Princess Diana in 1997. Laurie claimed that he was able to find a non-public feed from a TV broadcaster that had left their transponder on in a Paris hotel room.

Fast forward a dozen years and Laurie commented that the technology to identify satellite feeds has progressed dramatically. Among the reasons why he satellite feed hunting has gotten easier is an open source based satellite received called the dreambox.

Laurie explained that the dreambox has a web interface that makes it easier to find streams and provides information on what the stream includes. Another open source technology also helps to feed hunt satellite content.

A project called dvbsnoop is a DVB (dIgital video broadcasting) and MPEG stream analyzer that lets the user access raw data from DVB card. By sifting through the raw data, Laurie demonstrated that interesting satellite feeds that weren’t intended to be public could be found.

Going a step further, Laurie claimed that he had created his own python based script called dreaMMap that could create a 3d model of satellite frequency transmissions. With the 3D model the user just does a point and click to steer dish to a particular satellite frequency. One memory of the Black Hat audience asked Laurie if what he was doing was legal. Laurie shrugged and commented:

“I’m in the US giving a talk where I’m tunneled to my server in the UK and looking at a satellite in space that is over Africa – so who would get me?”

All told there is a financial cost to Laurie’s satellite feed hunting techniques – and that cost is approximately $785 for the Dreambox hardware, the actual satellite dish and then the motor and the mount for the dish. Well I guess if you’ve got the money to burn…

SOURCE: Satellite Internet Blog

  • dagyboy

    January 3, 2014 #1 Author

    i would like to be able to get satellite internet out in the sticks here in Australia. would like to know “the cost” of a “hacked system” including the parts or equipment needed to gain satellite internet access. have got a satellite television dish with a hacked “card” but they changed the frequency was changed and no longer have television either. any info would be greatly appreciated. thanks.

    Reply

  • Sarah

    March 23, 2014 #2 Author

    The title says “How to…” ?

    Reply

  • John Micke

    April 23, 2014 #3 Author

    I have both C band and Ku Band dish ant. I want to Is it possible to use free internet with those by a reciever?

    Reply

  • Monique Small

    June 3, 2014 #4 Author

    I am a victim of satellite hijacking.I’m seeking a security satellite specialist who’s extremely technical savy.There some illegal programmed, Computer software being spewed through my cable service.Please contact me via email or phone9519058474 This is not joke!!I have tapes.Please contact me via email or phone9519058474.Tha

    Reply

    • Monique Small2

      July 8, 2014 #5 Author

      Monique, you just posted your Phone Number on the internet. Get off the internet before you hurt yourself further. I suggest not driving a car or anything requiring basic knowledge.

  • André Daniel

    July 20, 2014 #6 Author

    This seems like pure bullshit.

    First of all, most satellite ISPs use the satellite to only provide the downstream bandwidth, whereas the upstream data goes over a conventionnal DSL or mobile broadband, so okay you can intercept downstream stuff such as unencrypted webpages, but you can’t modify them nor “steal” the user’s internet access since you have no access to the upstream flow and can’t send any data, so you can only passively watch what the user is doing over unencrypted protocols without being able to interact with the data.

    As for the two-way satellite ISPs I haven’t looked too much into how they work but I’m pretty sure encryption is involved in the upstream data feed, so that “attack” isn’t possible here either.

    Reply

  • T.R.T

    November 10, 2015 #7 Author

    I know ways to avoid
    …Very easy

    Reply

  • eval(ez_write_tag([[300,250],’brighthub_com-medrectangle-2′]));.
    , popped in during GMA’s Pop News segment on Wednesday.
    Tutorials and advertisements could be published by the people on the You – Tube.

    Reply

  • cheapworldcupjerseys.com

    January 24, 2016 #9 Author

    Great but cheap world cup jerseys,kinds of novelty and hot sports gear, low price specially for soccer jerseys.
    Discount NFL jereys and more!
    Read More : cheapworldcupjerseys.com

    Reply

  • nba jersey shop china

    January 24, 2016 #10 Author

    nba jersey shop china nfl shop.com coupon code

    Reply

  • ver xxx porno

    January 24, 2016 #11 Author

    El estudiante Mike Stone posa junto a una pantalla de
    computadora que muestra a una actriz porno.

    Reply

  • ver peliculas xxx

    January 24, 2016 #12 Author

    El rol de la mujer en el porno tradicional period de objeto:
    una muñeca siliconada que tenía la función de satisfacer.

    Reply

  • jordan retros for sale

    January 26, 2016 #13 Author

    Welcome to jordan retros for sale! cheap authentic retro jordans.
    Your sneakers stock shares the option of classic jordan 11 legend shoes
    together with our cheap authentic retro jordans, high quality best for playing basketball
    and free shipping!

    Reply

  • what is the crowdfunding platform

    January 27, 2016 #14 Author

    What’s up friends, nice post and nice arguments commented here, I am actually enjoying by these.

    Reply

  • Cheap NFL Football Jerseys

    January 27, 2016 #15 Author

    The NFL football Jerseys hot and cheap offer. We have authentic jerseys such as San Francisco 49ers,
    and popular custom jerseys wholesale price, large amount order free shipping.

    more from : Cheap NFL Football Jerseys

    Reply

  • http://www.wholesalejerseys-china.com/

    January 27, 2016 #16 Author

    The wholesale jerseys outlet sale right now, wholesale fashionable sports nike
    NFL jerseys from China are selling. we offer fast shipment &
    good quality to you, check us out! More From: http://www.wholesalejerseys-china.com/

    Reply

  • review

    January 27, 2016 #17 Author

    Hey! I know this is kinda off topic however , I’d figured I’d ask.
    Would you be interested in exchanging links or maybe guest
    writing a blog article or vice-versa? My blog covers a lot of the same subjects as yours and I think
    we could greatly benefit from each other. If you might be interested feel free to send me an e-mail.

    I look forward to hearing from you! Excellent blog by the way!

    Reply

  • fifa 15 ultimate team coins

    January 28, 2016 #18 Author

    It’s going to be finish of mine day, but before ending
    I am reading this great post to increase my know-how.

    Reply

  • lasertest

    January 30, 2016 #19 Author

    Greetings! Very helpful advice within this article! It’s the little changes which will make the
    most significant changes. Many thanks for sharing!

    Reply

  • Helmpflicht

    January 30, 2016 #20 Author

    No matter if some one searches for his necessary thing, therefore he/she wants
    to be available that in detail, so that thing is maintained over here.

    Reply

  • chicas hermosas xxx

    January 30, 2016 #21 Author

    El sexo es como un videojuego, vas pasando niveles,
    pero aquí no hay Game Over…” Así de contundente es Dunia Montenegro, una
    de las estrellas porno más experimentadas del panorama
    internacional.

    Reply

Your email address will not be published. Required fields are marked *