- DefCon 2011
Leftover notes and resources five weeks after.
- Crack Me If You Can teams – contest.korelogic.com
- Crack Me If You Can InsidePro – contest.korelogic.com
- Crack Me If You Can team john users – contest.korelogic.com
- The Art of Exploiting Lesser Known Injection Flaws Revealed At BlackHat – penetration-testing.7safe.com
The audience at Black Hat, Las Vegas was recently engaged by an interactive workshop titled ‘The Art of Exploiting Lesser Known Injection Flaws’ presented by 7Safe’s renowned security researchers Sumit Siddharth and Aleksander Gorkowienko.
- OWASP Goatdroid – code.google.com/p/owasp-goatdroid/
The OWASP GoatDroid Project pays homage to the OWASP WebGoat Project. It is a fully functional and self-contained environment for learning more about vulnerabilities and security issues for the Android platform.
- Identifying And Detecting Security Breaches – usa.visa.com
Visa has a slide deck posted, Identifying and Detecting Security Breaches. Sounds fun! If you’ve been around security for a while, nothing will be new in this deck, but it’s nice and short to breeze through for ideas if something is missing in your enterprise security posture. Every bullet point also makes for a decent item to review or ask your team (if you have one) to describe how it is handled. (I do believe in role-playing!)
- The Big Fat Metasploit Post – securityaegis.com
A while ago we tried to identify a core toolset that every pentester should start with or couldn’t live without. The first article focused on Nmap. The second on our list is none other than the exploit framework Metasploit. Instead of reinventing the wheel with Metasploit guides, we decided to take all the disparate info on using Metasploit and put it into one place, starting from the basics all the way to advanced testing.
- The Zaproxy files – code.google.com/p/zaproxy/downloads/list
An easy to use penetration testing tool.
- WCE v1.2 64-bit version released – hexale.blogspot.com
- The ERPScan WEBXML Checker! – erpscan.com/products
All of us know the importance of SAP (short for Systems, Applications and Products) systems. We also know that with increased exposure to new technologies, newer vulnerabilities are found. ERPScan WEBXML Checker is a new tool from whom we consider a leading entity involved with discovering new SAP-related vulnerabilities.
- A deeper look at ms11-058 – skullsecurity.org
Two weeks ago today, Microsoft released a bunch of bulletins for Patch Tuesday. One of them – ms11-058 – was rated critical and potentially exploitable. However, according to Microsoft, this is a simple integer overflow, leading to a huge memcpy leading to a DoS and nothing more. I disagree.
- Password Tracking In Malicious iOS Apps – software-security.sans.org
In this article, John Bielich and Khash Kiani introduce OAuth, and demonstrate one type of approach in which a malicious native client application can compromise sensitive end-user data.
- Apache HTTPD Killer Remote Denial of Service – eromang.zataz.com
Kingcope released, on 19 August, on the Full Disclosure mailing list a Perl script named “killapache.pl” which can cause a remote denial of service (DoS) on the Apache HTTPD Web server. The DoS can be carried out by the attacker with a low requirement of resources (CPU, memory and bandwidth), causing the targeted Web server to consume a large amount of resources (CPU and memory). Apache HTTPD 2.0 and 2.2 series are affected by this vulnerability.
- Setting up a persistent trusted CA in an Android emulator – intrepidusgroup.com
Setting up a persistent trusted CA in the Android emulator is a common problem, encountered any time we assess an application within an emulator that uses SSL properly. The goal is to man-in-the-middle (MITM) traffic from an application running in the Android emulator.
- IIS Search Verb Directory Listing – room362.com
- My Flash 9 Workflow – www.l1pht.com/2011/08/my-flash-9-workflow/
Just recently I’ve tested a number of web applications that made heavy use of Adobe Flash. Considering I didn’t find a whole lot when I was searching I thought I’d document my current workflow.
- SSH Cheat Sheet – pentestmonkey.net
SSH has several features that are useful during pentesting and auditing. This page aims to remind us of the syntax for the most useful features.
- Microsoft Releases New Versions of Software Security Tools – threatpost.com
Microsoft has released new versions of several of its software security tools, including its Threat Modeling Tool and a pair of fuzzers. All of the tools are part of the company’s Security Development Lifecycle program, which it has been sharing with external organizations for a few years now.
- BART, Anonymous, and a girl hacker
The purported hacker who infiltrated the BART’s Police Officers Association website today claims to be a French girl (“Humiliating, huh?”) who executed her first hack, SF Weekly has learned. SF Weekly chatted online with someone who claimed to be the mind behind today’s attack.
- BART Police Website Hacker Claims To Be French Girl On First Hack part 1 – blogs.sfweekly.com
- BART Police Website Hacker Claims To Be French Girl On First Hack part 2 – blogs.sfweekly.com
- Randomly generated passwords at myBART – lightbluetouchpaper.org
- The Great RSA Hack
The current theory is that a nation-state wanted to break in to Lockheed-Martin and Northrop-Grumman to steal military secrets. They couldn’t do it, since these companies were using RSA SecurID tokens for network authentication. So, the hackers broke into RSA with a targeted email attack.
- How We Found The File That Was Used To Hack RSA – f-secure.com
- Researchers Recover RSA Phishing Attack, Hiding In Plain Sight – wired.com
- Android Malware Explodes, iOS Remains Safe – wired.com
According to a report by antivirus software maker McAfee, Android is now the “most attacked mobile operating system,” with a jump in malware attacks of 76 percent in the last quarter. This impressive win is even more so when you consider that Android “outpaces second place Java ME threefold”.