DC Phone Home - network security tool (pentesting) for the sega dreamcast

[SMiTH]

DC Phone Home is a network security tool (pentesting) for the sega dreamcast.
Thanks to deluxux for finding the iso.
If some1 wants to test it on their own network and give a review? (obviously not on outside networks)
Very cool concept and might be cool to build on to create an updated pentesting tool for dc?
Either way its cool that this exists.

DC Phone Home ISO:
https://defcon.org/images/defcon-10/dc- ... PH_X86.ISO

DC Phone Home Docu:
https://defcon.org/images/defcon-10/dc- ... davis2.pdf

DEF CON 10 Hacking Conference Presentation By Chris Davis (video):


DEF CON 10 Hacking Conference Presentation By Chris Davis (audio):
https://media.defcon.org/DEF%20CON%2010 ... 0Audio.m4b

[deluxux]

We found the X86 ISO, Let's find the Dreamcast software, surely it's archived somewhere if it was released at Defcon

[SMiTH]

I bet it was kept by them because they describe the issues they solved when compiling the dc linux iso. (one thing was looping a cmd until the network was actually found)
But, the dc iso could be somewhere out there? I actually never thought that anything would be found...

More than likely some1 would need to create a dc linux iso with the workarounds they described and then add in the various security tools.
This would be better anyhow since there could be newer software added to make it more compatible with modern networks.
I guess what I'm saying is.. use the workaround/fixes described, add in newer security tools = better pentesting in 2022?
Either way the entire concept is cool.

I could be way off here but what it seems like is the dreamcast connects to network, then the x86 iso is used to then tunnel pc connection to the dreamcast to remotely launch various linux tools/apps on the dc. (hence the name "phone home")
I guess you could say this is like a mitm attack using a video game console?
but, the term attack doesn't quite fit since this is ethical hacking used to test network vulnerabilities/ (pentest).
similar to what nmap does.

They also describe methods/theories that could stop this type of "attack"..many things that had not even been developed.
In reality many connections need to remain open in order for everything to work, so there is always that? (can't close ports that are needed for everything to work correctly) referring to a biz/corp/enterprise network.

What I don't understand is how could the internal network even allow a connection from an unknown device? I could understand a connection to a seperate open public network.
Unless they physically tapped into the network, (they did?)
ok, i guess that was a bit of a rant lol

It would be cool if others here gave their opinions about dc phone home as well...

[deluxux]

Code: Select all

https://defcon.org/html/defcon-10/defcon-10-speakers.html#higbeedavis

Code: Select all

DC Phone Home (DreamCast Phone Home, a pun on the well-known film ET: The Extraterrestrial) is a project that challenges conventional enterprise security models by showing the ease by which an attack to an organization's network resources and infrastructure can be performed from an internal perspective. Simply put, once the DreamCast is deployed, it 'phones home' joining an organization's internal network with a remote network. We show that this type of attack can be performed easily with a variety of available hardware and software and in such a way that is not easily discovered by an organization's employees or security resources. Our presentation will include development descriptions and demonstrations of the attack tools that we have developed and are continuing to develop. The attack tools are comprised of a SEGA Dreamcast, a Compaq iPAQ handheld device, and a bootable x86 CD-ROM which can perform the attack using any available PC. Using open-source tools that we have ported to these platforms, we have created devices that 'phones home' over known protocols.

Aaron Higbee has been working in information security for the past 4 years, getting his start at Earthlink Network as a Network Abuse Administrator. In this position, Aaron became intimately acquainted with the tactics of spammers, hackers, and every kind of network abuse imaginable. Later, while working as RoadRunner's Senior Security Administrator, Aaron learned and responded to the network abuse problems that plague broadband connections. Working at two national service providers, Aaron was able to become an expert in the tactics of hackers and the mistakes that get them caught. This experience made his transition from incident response to penetration testing a natural one. Currently, Aaron works for Foundstone Inc. as a security consultant.

Chris Davis has been working in the field of information technology for 8 years, with a concentration on information security for the past 4 years. He has participated in secure systems development, information security consulting, penetration testing and vulnerability assessments, and information security R&D. He is a contributing author to Newrider's recent publication Building Linux Virtual Private Networks(VPN) and continues to write and publish various papers. He has developed and instructed a number of courses, the most recent of which was a 3-month course on software vulnerability discovery and exploit coding. Currently, Chris is a Senior Security Consultant for RedSiren.

[SMiTH]

I think the phone home has a dual meaning.
One for E.T movie reference, and the other being that the dc is phoning home -back to the pc running the x86 iso?

As for E.T the movie, I do see the nostalgia factor in it and its a wholesome movie..
But, like most cases when you rewatch a movie for nostalgia..you kinda see how cheesy it actually was.
Its like the goonies movie, it is nostalgic. but it borders on being a bit annoying..I still like it though lol

I wonder what versions of linux could be used to make a newer build of dc linux.
What if some1 used the sd card adapter for vram or something like that?
More than likely an optimized dc linux could be created with more functionality than previous builds?
Idk?

[deluxux]

I asked ChatGPT about this... its just a better ask jeeves...

Chris Davis and Aaron Higbee are both well-known individuals in the field of cybersecurity.

Chris Davis is a certified information systems security professional (CISSP) and has worked in various roles within the cybersecurity industry. Unfortunately, without more specific information, it is difficult to provide additional details about his background or specific contributions.

RedSiren, mentioned alongside Chris Davis, was a cybersecurity company that provided a range of services, including managed security services, risk and compliance assessments, incident response, and security consulting. It was based in Reston, Virginia. However, it's important to note that my knowledge cutoff is in September 2021, and there may have been changes or developments since then.

Aaron Higbee is also a CISSP and has made notable contributions to the field of cybersecurity. He co-founded a company called "PhishMe" (now known as "Cofense"), which specializes in phishing defense solutions. Their solutions aim to help organizations train their employees to recognize and defend against phishing attacks effectively.

Foundstone, mentioned alongside Aaron Higbee, is a well-known cybersecurity company that provides a range of services, including vulnerability assessments, penetration testing, incident response, and security training. It was headquartered in Washington, D.C.

Please note that the information provided is based on publicly available knowledge up until September 2021, and there may have been changes or updates since then.

DC Phone Home is a project that aims to challenge conventional enterprise security models by demonstrating how easily an attack can be performed from an internal perspective using readily available hardware and software.

The project involves deploying a SEGA Dreamcast, a Compaq iPAQ handheld device, and a bootable x86 CD-ROM that can perform the attack using any available PC. By porting open-source tools to these platforms, the project creators have developed devices that can connect to an organization's internal network using known protocols, essentially "phoning home" to establish a connection with a remote network.

Aaron Higbee has experience in network abuse administration and security administration, which provided him with insights into the tactics employed by spammers, hackers, and network abusers. He transitioned from incident response to penetration testing and currently works as a security consultant for Foundstone Inc.

Chris Davis has a background in information technology and has been involved in secure systems development, information security consulting, penetration testing, vulnerability assessments, and information security research and development (R&D). He has authored papers and contributed to publications like "Building Linux Virtual Private Networks (VPN)." Chris currently serves as a Senior Security Consultant for RedSiren.

Please note that the information provided is based on the details you shared, and my knowledge cutoff is in September 2021. There may have been updates or changes since then.

Maybe we could send some emails out.....