Week 12 In Review – 2011

Events Related

  • Outerzone 2011 Hacker Con – irongeek.com
    The following are videos of the presentations from the Outerzone 2011 hacker conference.

Resources

  • Focusing on the Spirit of NIST’s Guidance For Continuous Monitoring – blog.coresecurity.com
    The National Institute of Standards and Technology (NIST) has regularly recommended new guidance to help give agencies a clearer deployment path to a more robust information security program.
  • Viewpoint Paper on Threats and Vulnerabilities – jps.anl.gov
    I would go even further and argue that understanding Vulnerabilities is more powerful than understanding Threats—regardless of the relative difficulty of TAs vs. VAs.
  • The Key Skill-Set of Great Penetration Testers – thehackeracademy.com
    For me, the difference between Keatron’s list and a great penetration tester comes down to one thing: intelligence types. Specifically, the difference between convergent intelligence and divergent intelligence.

Tools

  • Metasploit VNC Password Extraction – room362.com
    I ran into the same issue on Penetration Tests in the past but didn’t know much about the wacked out version of DES that RFB (the VNC protocol) was using.
  • Update: Inspathx r66 – code.google.com
    Inspathx is a tool that uses a local source tree to make requests to the URL and search for path inclusion error messages.
  • Update: JBroFuzz 2.5! – sourceforge.net
    JBroFuzz is a web application fuzzer for requests being made over HTTP or HTTPS. Its purpose is to provide a single, portable application that offers stable web protocol fuzzing capabilities.
  • Update: Skipfish-1.85b! – code.google.com
    Skipfish is a fully automated, active web application security reconnaissance tool.
  • Update: WhatWeb v.0.4.6! – github.com
    WhatWeb, a next-generation web scanner, identifies what websites are running. Released at the Kiwicon conference (kiwicon.org) in Wellington, New Zealand.
  • Pastenum – Pastebin/pastie enumeration tool – corelan.be
    When conducting a pen-test, the process typically starts with the reconnaissance phase, the process of gathering information about your target(s) system, organization or person.
  • The Open Pentest Bookmark Collection v1.4 – securityaegis.com
    News, news, news… Hey guys and gals of the security community. We are pleased to announce the release of version 1.4 (yes 1.3 squeaked by without a blog post) of the Open Pentest Bookmarks Collection.
  • New SNMP Metasploit Modules – carnal0wnage.attackresearch.com
    My new favorite modules (for today) are the snmp_enumusers and snmp_enumshares modules that work against Windows hosts that have SNMP running.

Techniques

  • PenTest Perfect Storm 6: We Love Cisco! – willhackforsushi.com
    In the webcast, hosted by CORE Security Technologies, we discussed attack techniques against Cisco devices, combining wireless, network and web app techniques to exploit common network architectures.
  • Metasploit: Adobe Flash CVE-2011 – blog.metasploit.com
    Recently, I spent about a week and a half working on the latest 0-day Flash vulnerability. I released a working exploit on March 22nd 2011. The original exploit was just an attempt to get something working out the door for all of our users.
  • Attack using CVE-2011-0609 – f-secure.com
    Attackers have been taking advantage of the situation in Japan to trick their targets into opening malicious files. These cases have used infected Excel attachments with Flash exploits.
  • Extracting AP names from Packet Captures – packetstan.com
    Years ago, while working as a Network Engineer, I did a bit of sniffing of our wireless access points. I noticed that some access points, mainly Cisco, broadcast the Access Point’s name.

Vendor/Software Patches

  • Apple releases Mac OS X 10.6.7 update – h-online.com
    In the software update notes, Apple also recommends the update “for all early 2011 MacBook Pro models”.
  • Firefox 3 Updates and SSL Blacklist Extension – isc.sans.edu
    At the heels of yesterday’s Firefox 4 release, we today got 3.6.16 and 3.5.18. As usual, Mozilla will provide security updates for some older browsers after the release of a new major version.
  • Adobe fixes Vulnerabilities in Flash, AIR and Acrobat – h-online.com
    Adobe has released updates to its Flash Player, Acrobat and Acrobat Reader products to fix related security vulnerabilities in these products that potentially allowed an attacker to compromise a system by means of a crafted SWF embedded in an Excel file.

Vulnerabilities

Other News

  • HD Moore Releases His Process for Security Research – resources.infosecinstitute.com
    HD Moore is Chief Security Officer at Rapid7 and Chief Architect of Metasploit, the leading open-source penetration testing platform.
  • Industrial Control Systems: security holes galore – h-online.com
    It seems that Stuxnet has given many security experts an interest in the potential holes in industrial control and SCADA (Supervisory Control and Data Acquisition) systems.
  • McAfee Acquires Sentrigo – securosis.com
    McAfee has had a partnership with Sentrigo for a couple years, and both companies have cooperatively sold the Sentrigo solution and developed high-level integration with McAfee’s security management software.