Introducing Responder MultiRelay 1.0

I found this over the weekend as well on Twitter. Looks like an excellent enhancement to an awesome MiTM tool. According to the blurb on GitHub it:

“Currently MultiRelay relays HTTP, WebDav, Proxy and SMB authentications to an SMB server. This tool can be customized to accept a range of users to relay to a target. The concept behind this is to only target domain Administrators, local Administrators, or privileged accounts.”

SDRs used to Break 3G to 5G Mobile Phone Security

Researches recently discovered it is possible to snoop on 3G to 5G cellular networks using a fake base station created by an software defined radio (SDR). It has been well known for the past few years that 2G mobile phone security has been broken, but 3G to 5G remained secure. However, the researchers have now determined that lack of randomness and other weakness you can decrypt traffic over the air.

In their research they used a USRP B210 SDR which costs about $1300, but it’s likely that cheaper TX/RX capable SDRs such as the LimeSDR, HackRF One, and others could also be used. The LimeSDR retails for about $300 and the HackRF One retails for about $330.

Using Cheap USB Adapters as SDR Transmitters

I stumbled across two excellent write ups on how to make a software defined radio (SDR) transmitter on the cheap.

Osmo-FL2K, which is a newly released piece of software by Steve M from Osmocom that turns a common $5-$15 USB to VGA adapter into a transmit only capable SDR. It is very complimentary to the RTL-SDR.

Ted Yapo has released plans and source code which allows the use of a low cost FT232RL based USB to Serial Port adapter as a transmit capable SDR. It appears that the FT232RL via harmonics is able to transmit up to at least 27 MHz, and possibly higher.

Microsoft is replacing Edge with a new browser that is based on Chromium

Microsoft recently announced the end of life for their new Edge browser that was introduced with Windows 10 as a lightweight more secure version of Internet Explorer. Due to a number of severe vulnerabilities shortly after the product was launched it never got any significant traction in the browser wars. It is suspected that they will be writing a new browser that is based on the Chromium engine.