Events Related

  • Hack.lu 2013 Wrap-Up
    Xavier wrapped-up the event of Hack.Lu 2013-Luxembourg 9th edition. As usual, the event started with a bunch of interesting workshops, talks. These talks went really deep and finally, Shift closed the schedule with “Interactive Deobfuscation“; A very very technical session.

Resources

  • GrrCON 2013 – youtube.com
    Here are the presentation videos shown by speakers at the GrrCON 2013 Information Security & hacker conference in DeVos Place.
  • Routerpwn.com – routerpwn.com
    Routerpwn.com is a web application that helps you in the exploitation of vulnerabilities in residential routers. It is a compilation of ready to run local and remote web exploits. Programmed in Javascript and HTML in order to run in all “smart phones” and mobile internet devices.

  • The Appsec Program Maturity Curve 1 of 4 – veracode.com
    Veracode found in a recent study that 70% of CIOs already understand the need for application security. However, the majority of them still will not move to increase their investment in securing the software that runs their business without a triggering event, such as a data breach.

Tools

  • Nccgroup / WindowsDACLEnumProject – github.com
    A collection of tools to enumerate and analyse Windows DACLs. Released as open source by NCC Group Plc.
  • Volatility 2.3 Released! (Official Mac OS X and Android Support) – volatility-labs.blogspot.com
    The Volatility Foundation is thrilled to announce the official release of Volatility 2.3! While the main goal of this release was Mac OS X (x86, x64) and Android Arm support, also includeded a number of other exciting new capabilities!
  • Update: Suspender V0.0.0.4 – blog.didierstevens.com
    Suspender is a DLL that suspends all threads of a process. This new version adds an option to suspend a process when it exits.
  • Smbexec 2.0 released – pentestgeek.com
    Pentest Geek released smbexec version 2.0 a few days ago and it comes with some rather large differences from previous versions. For one thing it was completely rewritten in Ruby, for another it now supports multi-threading.

Techniques

  • Automated Social Engineering Recon Using Rapportive – jordan-wright.github.io
    When performing a social engineering engagement, recon is key. In a previous post, Jordan wright demonstrated a few ways in which we could automate the recon process. However, the methods he showed were simply ways to find the profiles of people that might belong to a particular organization.
  • Better support for importing Burp Suite Log and Export files in IronWASP v0.9.7.2 – blog.ironwasp.org
    IronWASP has always had support to import Burp Suite log files, But with the new version import the Burp Suite export files as well. You can export Burp Suite logs to an XML file using the options shown in the images here.
  • Netgear Root Compromise via Command Injection – shadow-file.blogspot.com
    Previously, Zach Cutlip talked about the net-cgi executable in the wndr3700’s firmware. net-cgi is a multi-call binary, a little like busybox. As such it has a lot of functionality baked in. One of its more interesting functions is called cmd_ping6(). Here’s what it looks like.
  • New “Restricted Admin” feature of RDP 8.1 allows pass-the-hash – labs.portcullis.co.uk
    This post describes the new “Restricted Admin” feature, the security benefits it brings and a potential downside of the feature: Pass-the-Hash attacks. Portcullis labs will briefly recap what Pass-the-Hash attack are and demonstrate such an attack against a Windows 2012 R2 server.

Vulnerabilities

Other News

  • I challenged hackers to investigate me and what they found out is chilling – pandodaily.com
    It’s Adam L. Penenberg’s first class of the semester at New York University. He was discussing the evils of plagiarism and falsifying sources with 11 graduate journalism students when, without warning, his computer freezes. What he learned is that virtually all of us are vulnerable to electronic eavesdropping and are easy hack targets.