

Milipol Paris 2017: there are always some technologies beyond imagination

Posted by forbes at 2020-02-27

Author: Uncle Yang longas

First article:

Recently, Uncle Yang posted a lot of hot pictures to his friend circle. Many friends in the security circle and inside the system left messages or private letters, asking him to share what he harvested at the French military and police exhibition. OK, while the memory of the European beauties at the venue is still fresh, here it is :)

Note: for certain reasons, Uncle Yang has blurred some of the manufacturers' identifications. Only a few examples are given, and in-depth content will not be discussed.

0x01 about Milipol

Milipol Paris 2017, one of the three largest military and police equipment exhibitions in the world, is held every two years. This year there were nearly 1000 exhibitors from more than 150 countries. Covering new weapons, surprise equipment, special operations, detection and control equipment, communication control, jamming and suppression, and more, it comprehensively demonstrates the latest technology and equipment in the field of global military and police security. Uncle Yang attended the event as the head of the RC² anti secret stealing laboratory.

Because key members of military and police agencies, government representatives, PMCs, employees of security agencies and third-party purchasers attend, the exhibition has a high security level. In the first round, a visual inspection, anyone entering the gate of the exhibition hall must unzip and open their coat to show the security personnel that there is no weapon under the armpit or at the waist. In the buffer area before the main venue, everyone queues up for the second round: a detailed body search and an open-bag inspection.

Although there is no X-ray machine in place, the security personnel doing the body search are really careful, and men and women are searched separately. One guy patiently asked Uncle Yang to open each zipper of his backpack and checked it. The third round, invitation verification, is at the gate of the main venue, where the QR code of the invitation in the badge is checked twice and passports are checked at random. The fourth round of inspection is the exhibition floor itself. The inner circle is patrolled by scattered security personnel, and the outer circle has armed French military and police posts.

PS: all applications to attend are submitted online and must pass a preliminary screening by the Milipol organizing committee, covering the application source, identity and other aspects, before the attendance code notice email is issued.

Next, Uncle Yang will introduce the highlights of this year's exhibition. Of course, this is only from the angle of Uncle Yang's expertise and business. Purely military fields such as bomb disposal, underwater frogman penetration, fire control systems and tactical UAVs are not covered in this article.

0x02 air interface monitoring system class

In recent years, as governments in various countries have stepped up monitoring, group-control air interface monitoring equipment that can be used in technical investigation and defense has also been booming. In addition to becoming smaller and more precise in coverage range, there are also some mobile solutions, such as this backpack 4G solution. In the original words of the Air-Lynx manufacturer's representative, it is suitable for temporarily building an encrypted 4G wireless network in urban and outdoor environments and providing interactive data access.

A woman at the booth said the technology is mainly for the military, but after Uncle Yang discussed it from the perspective of a 4G pseudo base station in the city, the other side immediately showed an enigmatic smile.

However, many manufacturers are still using platforms based on "signal suppression degradation attack + open source hacking", which really leaves me speechless... This bogus claim to "fix 4G" has been wiped out by various teams in the wireless circle at home and abroad.

For example, the almenta company from India confirmed that its captur one real-time monitoring platform still uses the active mode: it first suppresses and degrades the signal, and then decodes GSM to monitor short messages and voice. Speechless. The other side seemed very proud of their technical ability. India No.1? ... I don't know. Who gives you that confidence?

As for devices or solutions that use the signaling layer to carry out degradation attacks on 4G networks, it took a long time walking around to find this invasys company from the Czech Republic, which claims to be able to do so. However, when Uncle Yang asked about the signaling interaction scenario with the base station, its engineer was obviously nervous, and finally had to be frank:

In fact, this kind of signaling degradation attack is just a gimmick. It's just one of the auxiliary means. In practice, it can't be guaranteed to be effective, or it's not effective at all for some operators, mainly by signal suppression and degradation processing... Yah, no wonder you are so guilty? Well, if I hadn't seen a blonde at your front desk, I would have

Uncle Yang also had an in-depth technical exchange with the company he mentioned before on the official account, which claimed to be able to monitor 3G/4G. One of the other side's experts patiently introduced several types of monitoring systems. Unfortunately, no concrete demonstration was available, so Uncle Yang still reserves his opinion.

As shown in the figure below, I was completely drawn in by the big "WiFi interception" on the wall, and wanted to learn about the latest international WiFi temporary detection equipment. But after talking with the technicians about how their WiFi MITM is implemented, Uncle Yang decided to turn around and go... What is this? They simply fake the SSID + BSSID + channel, without even a fake DNS + DHCP, and dare to put that on show? Presumably third-world countries will be fooled.

As for mobile phone location? Ha ha, this article will not introduce or discuss it.

0x03 signal interference class

Friends who have read Liu's novella "full band blocking interference" must be impressed by the military application of flood-style blocking signal interference described in that story. In fact, high-power, indiscriminate full band jamming equipment like that in the novella appeared in the military field long ago, mainly to interfere with the normal operation of C4I systems. Look at the familiar umbrella antenna in the figure below.

However, there are also many good products in the fields of urban anti-terrorism and commercial security. The Italian manufacturer's Mei product (Zi) is good, and can be configured with blacklists and whitelists as needed. The smallest model is smaller than a notebook, with a thickness of about 5cm. The default battery can work continuously for 4 hours.

The same company's directional UAV jammer (the one on the table above) has a maximum range of one kilometer (I doubt the effective distance). According to the woman at the booth, it has been sold to the Chinese police department. Haha, a certain domestic product seems to look very similar.

0x04 intelligence collection

The concept of OSINT, open source intelligence collection, is by now widely known. Those who don't know it can read the article "travel Threat Intelligence: coming back safely, far more important than poetry and distance" (Malaysia chapter) written by Uncle Yang.

Today's automatic intelligence collection platforms work just as described in the American TV series "stealth tracking". They can easily crawl all the associated accounts and information of an account from Twitter, Facebook and LinkedIn, and automatically associate and weight the relationships between people. They support both fuzzy definition queries and detailed intelligence locking.

This kind of threat intelligence platform based on big data is now the new favorite of police systems worldwide, but unfortunately, we did not see the latest information about crime prediction platforms this time.

0x05 stealing / tracking / detection class

Listening equipment has also developed fully. This time, we saw many special equipment manufacturers, with products ranging from credit-card-type listening devices to portable micro devices, such as an ultra-micro pinhole camera with an aperture of 0.5mm, and even a manufacturer specializing in insole listening and tracking devices, mainly promoting military boots and outdoor shoes (WTF, from now on you'll need to wear slippers to talk to Uncle Yang privately!).

Needless to say, Uncle Yang thinks that in the current era of "last kindergarten should be worried", maybe some high-end solutions are suitable for some specific needs. Next year, we will launch a targeted series at RC².

There are many manufacturers of vehicle trackers, but most tracker products mainly use the "3G / 4G SIM card + GPS" mode, and there is still no good countermeasure against GPS signal interference.

However, an Italian manufacturer claims to be the first to adopt anti-jamming technology in its latest tracker products, which can identify typical GPS jamming and deception techniques and raise an alarm. It sounds interesting. However, the handsome Italian man didn't explain the principle in detail. He just threw a few winks and said "keep in deep touch with me", which sent Uncle Yang retreating.

When it comes to signal detection, how can we leave out a large American manufacturer like REI? A complete set of professional testing equipment runs to at least a million, and the typical so-called testing company simply does not have this kind of detection capability.

It's sad to see that, despite lacking a rigorous business testing process and large-scale security project experience, many companies in China dare to provide top 500 companies with high-level security testing services for offices / meeting rooms using only a few handheld field strength meters. Speechless... (~ ~) a minute of silence for the customers~~

Speaking of field strength meters, those who have taken the RC² business course and study course should remember the original British hand-held professional field strength meter, right? Next year, we will invite more industry experts, including this British manufacturer, to design some interesting courses together. Please wait and see.

In a word, I didn't see any Japanese manufacturers this time, which disappointed uncle Yang... What about those anti stealing experts?

Other equipment such as vehicle chassis detection, thermal detection, portable X-ray machines, etc. comes from manufacturers in the United States, Italy, Germany, the west, India and other parts of the world. Just look at the photos.

0x06 bulletproof material

Not to mention these military grade bulletproof products, just talk about UL 752, EN 1522, NIJ and many other certification standards. In fact, Uncle Yang is more concerned with security products at the personal, family and company level. This time, he made several rounds of the U.S. manufacturer area. Unfortunately, he didn't see the most popular bulletproof backpack manufacturers in the United States (including children's schoolbags, women's satchels, men's computer bags, etc.). But he did see a few shooting goggles whose fragment protection is commendable.

But there were plenty of good bulletproof products. For example, this Ukrainian manufacturer's ultralight material can be used for vehicle protection. At the same volume, it weighs less than one third of the PE material in general use today, which makes it very suitable for covert refitting of ordinary vehicles.

Touch the bullet holes made by an AK47 and an AR15 respectively in the door shell. Hey hey, guys, don't be fooled by popular movies. Whether Land Rover or Cadillac, unless they are reinforced with bulletproof materials in advance, those seemingly thick doors will be pierced with one shot.

This year, when Uncle Yang led the team in shooting training, he also personally tested two domestic three-level bulletproof boards with 9mm bullets, with good results. I will write an article about it next time.

0x07 tactical equipment

The counters of large international manufacturers like Aimpoint are always full of people. Compared with sights on assault rifles, Uncle Yang prefers red dot sights on pistols. This time, he took the opportunity to try out the products of various manufacturers, and felt the differences are quite big.

However, the strongest impression from this exhibition is that individual-soldier thermal imaging equipment can be seen everywhere, and many manufacturers are trying to launch equipment with better performance and longer range. It seems there is a long way to go for individual anti-infrared equipment ~ ~ well, I can't find the picture. I'll use a red dot one instead.

There are too many manufacturers selling tactical mount equipment, basically as many as those selling weapons, and there are always plenty of models, from urban operations to special underwater operations. I remember a kind of underwater thruster with frogman fins for special operations. It's very small, and presumably the thrust is impressive too.

Thanks for the warm reception from the heliken tactical brand manufacturer. The person in charge actually led Uncle Yang to a Polish partner to demonstrate the new quick-release tactical vest. Haha, I hope there will be cooperation opportunities next year.

0x08 summary & others

Uncle Yang spent all four days in the conference hall, carrying 5 or 6 bags of materials. Every afternoon, by the time he took the conference shuttle bus back to the hotel, he was exhausted to death, and still had to go through the materials to summarize and study them. After several days of rest, he finally wrote this soft article little by little.

Thanks to the editors of electronic industry, IT168, Heifang, heishou, heix and other big societies / journals / columns over the past 10 years. It's your professional torment that finally shaped Uncle Yang's current writing habits.

After doing technology for a long time, I feel more and more that if you can't settle down and do real work, then whatever you are engaged in, even if it looks glamorous at the beginning, is just a reflection in a mirror in the end. To quote a line from Aesop's Fables: "Fine clothes may disguise, but silly words will disclose a fool."

Finally, I'll share some photos. Keke, Milipol 2019. See you at the venue~~

This article was published by seebug paper. If you need to reprint it, please indicate the source. Address: https://paper.seebug.org/466/