Had a few people ask for the actual presentation, so here you are!
I am a mainframer – Interview with Open Mainframe Project
RACF masking algorithm, unmasked
I’d been asked a few times recently for the code that generates the ICHDEX01 RACF masking exit. If you recall, this was the pre-DES (and long pre-KDFAES) algorithm that RACF used to store its passwords. (If you want more detail about this as the other algorithms, see my presentation from SHARE 2016)
The algorithm, through a series of shifts and XORs transforms the user’s 8 character password into the masked equivalent. Quick users will see that the algorithm does little to actually protect the passwords from reverse engineering as there is a 1:1 relationship with the input (plaintext) character in position X to its corresponding output masked character in the same position X.
For example, given algorithm mask(), the following examples hold true:
1 2 3 4 5 6 7 8 9 |
PLAIN MASK A D57C4C4C4C4C4C4C A1 D5D07C4C4C4C4C4C A12 D5D0D32C4C4C4C4C A123 D5D0D3821C4C4C4C A1234 D5D0D382B58C4C4C A12345 D5D0D382B524BC4C A123456 D5D0D382B52417EC A1234567 D5D0D382B5241746 |
So all we need do is encode via the algorithm each character until we have positions in the new mask matching the given mask.
The github repo below has both the encoder (ichdex01.py) and brute-forcer (masking_bf.py)
Enjoy.
Evil Mainframe training is going abroad
Watch this space.
CA World 2017
If you’re going to #CAWORLD 2017 – Come see my Tech Talk, “Pervasive Encryption – Speed Round” to hear the basics & practicalities of IBM’s new Dataset Encryption.
Mainframes, An Overlooked Cyber Attack Target: Part Two
Part two of my interview on Mainframes as a Cyber Attack target
ArcticCon – Thawing the frame – slide video
Enjoy – Thawing the frame from ArcticCon
Watch the video (no audio) of the slides here:
VIDEO – Z Ransomware – SHARE 2017-San Jose
For anyone who missed my talk at SHARE 2017 – Ransomware on Z – Checkmate!
Here it is in its entirety. Enjoy! Ransomware on Z – Checkmate!
Please note that these videos and all videos released by SHARE are copyrighted by SHARE and are licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 license. http://creativecommons.org/licenses/by-nc-nd/3.0/ This means that you can use but not edit or create derivative works of/from this video. All credit for video and its distribution are from SHARE.
Mainframes, An Overlooked Cyber Attack Target: Part One
An interview I gave regarding the state of mainframe security. Pt. 1.
New job – Doing what I love
Well – the time has come to start doing what I love to do full time. I couldn’t be happier to announce that I’m working with RSM Partners, Ltd to help bring their amazing mainframe services, security & software business to North America. This is going to be a great challenge and a great opportunity. Super excited to work with all the amazingly talented people at RSM.
RSM Appoints North America Director
Enterprise Systems Media – RSM Partners announces new N. America Director