Week 39 in Review – 2012

Event Related

  • Snoopy: A distributed tracking and profiling framework – sensepost.com
    At this year’s 44Con conference (held in London) Daniel and I introduced a project we had been working on for the past few months. Snoopy, a distributed tracking and profiling framework, allowed us to perform some pretty interesting tracking and profiling of mobile users through the use of WiFi.
  • CRIME Slides from ekoparty 2012 – Google Docs – docs.google.com
    I think CRIME has been hyped too much. Cookie spoofing ain’t a serious thing. I doubt the advantages of this attack has much impact on net sec.
  • DerbyCon Day 2 Talk Notes: Social Engineering Defense Contractors on LinkedIn and Facebook – novainfosecportal.com
    So I thought I’d check out and blog about this presentation since it seems fairly close to home with many of us in the metro-DC area. Despite there being no abstract I’ve heard the speaker, Jordan Harbinger, on The Social Engineering Podcast a few times and he seems to know his stuff on teaching others to build rapport with others, a key skill for any social engineer.

Resources

  • Book Review: “Advanced Penetration Testing for Highly Secured Environments: The Ultimate Security Guide” – cyberarms.wordpress.com
    You may have layers of security, popularly known as “Defense in Depth”, but are your security features setup properly? Are their configuration errors that a vulnerability scan will not find?
  • What is Penetration Testing? – Whiteboard Wednesdays – community.rapid7.com
    wondering “What is penetration testing?” Need a quick primer on the topic? In this first video of our Whiteboard Wednesdays series, we’re explaining what a penetration test is as well as some typical reasons why people conduct so-called “pen tests”.
  • FinSpy Mobile – Configuration and Insight – blog.spiderlabs.com
    A couple of weeks ago, Citizen Lab announced the discovery of the mobile component to the previously discovered FinFisher Toolkit (Reference Here).
  • Email Address Harvesting – pentestgeek.com
    Harvesting email addresses is a common part of any external penetration test. Several tools exist that can be easily found with a simple google search that can greatly decrease the amount of time spent combing through search engine results.
  • Two-stage CSRF attacks – ceriksen.com
    This week I ran into an interesting problem. I was doing some poking around with my DLink DIR-615(EU) router while working on some firmware reverse engineering. It occurred very quickly to me that the router had no protection against CSRF attacks.

Techniques

  • JSON Hijacking Demystified – blog.spiderlabs.com
    JavaScript Object Notation (JSON) is a language and platform independent format for data interchange. JSON is in widespread use with a number of JSON parsers and libraries available for different languages. While some information is available for JSON hijacking this attack is not very well understood.
  • Hey, I just met you, and this is crazy, but here’s my hashes, so hack me maybe? – blog.spiderlabs.com
    Those familiar with password cracking know that KoreLogic’s rule set for John the Ripper has become the de facto standard for password cracking.

Tools

  • Everything you need to know about hash length extension attacks – skullsecurity.org
    Now I’m gonna release the tool, and hope I didn’t totally miss a good tool that does the same thing! It’s called hash_extender, and implements a length extension attack against every algorithm I could think of.
  • Cydia – appsec-labs.com
    Once you have added AppSecLabs repository to your Cydia you can find all of our latest iOS tools right in Cydia.

Vendor/Software Patches

Vulnerabilities

  • Tiny Evil Maid CHKDSK Utility Can Steal Passwords – threatpost.com
    The utility is designed to look like the Windows CHKDSK tool, which looks for errors or problems with a hard disk before a machine boots. CHKDSK will execute if the system detects a logical error and then attempt to fix it, and anyone who’s been a Windows user for more than a year or two definitely has seen the utility pop up.
  • Got TouchWiz? Some Samsung Smartphones Can Be Totally Wiped By Clicking A Link – techcrunch.com
    I’ve never been a huge fan of the TouchWiz UI Samsung throws onto most of its smartphones (for aesthetic reasons, mostly), but now it seems there’s another reason to be wary of the custom Android interface.

Other News

Leave A Comment