Week 12 in Review – 2013

Event Related

  • IPv6 Focus Month
    • IPv6 Focus Month: What is changing with DHCP – isc.sans.edu
      Among the different methods to configure IPv6 addresses, most managed networks will likely stick with DHCP. DHCPv6 however is a bit different than DHCPv4. We will summarize here some of the basic differences between DHCPv4 and DHCPv6.
    • IPv6 Focus Month: The warm and fuzzy side of IPv6 – isc.sans.edu
      Protocols like IPv6 and IPv4 suffer from two very different types of security issues: Oversights in the specification of the protocol and implementation errors.
  • Google Chrome OS Linux WAS Exploited at Pwnium 2013 for $40,000 – internetnews.com
    Earlier this month, Google Chrome running Chrome OS (Linux!) was hailed as being a survivor in the Pwnium/Pwn2own event that hacked IE, Firefox and Chrome browsers on Windows.
  • CanSecWest 2013 slides – cansecwest.com
    CanSecWest 2013 Files
  • Troopers 13 Presentation Corporate Espionage via Mobile Compromise – viaforensics.com
    Troopers was held this year March 11-15th in the beautiful city of Heidelberg, Germany. It was an amazing and intimate event (sold out at 200 attendees) with deeply technical talks focused on education and the goal of “making the world a safer place.” This year I presented on a mobile security topic titled Corporate Espionage via Mobile Compromise: A Technical Deep Dive.
  • RSA Conference 2013 The Year of the Panel – blog.accuvant.com
    At this year’s RSA Conference, panel discussions appeared to dominate the speaking sessions. Personally, I find that panels are more engaging and provide more value overall. In my opinion, a session with more experts who offer different perspectives results in a better learning experience for all attendees.

Resources

  • Internet Census 2012 – internetcensus2012.bitbucket.org
    While playing around with the Nmap Scripting Engine (NSE) we discovered an amazing number of open embedded devices on the Internet. Many of them are based on Linux and allow login to standard BusyBox with empty or default credentials.
  • PowerShell Basics – Execution Policy and Code Signing Part2 – darkoperator.com
    In my previous blog post where I covered Execution Policy and Code Signing I mentioned that these steps were only useful for content that is downloaded from the internet and to prevent accidental execution of scripts.
  • The Tallinn Manual – ccdcoe.org
    The Tallinn Manual on the International Law Applicable to Cyber Warfare, written at the invitation of the Centre by an independent ‘International Group of Experts’, is the result of a three-year effort to examine how extant international law norms apply to this ‘new’ form of warfare.

Techniques

  • Hacking High Scores in iOS GameCenter – netspi.com
    In order to modify our scores, we will need to proxy our iOS traffic through Burp. In order to properly intercept the encrypted iOS traffic, you will also need to install the Portswigger certificate on your iOS device.
  • iPillaging – Snarfing Useful Data from iOS Images – pen-testing.sans.org
    Tim Medin has taken the SANS Security 575 course on Mobile Device Security and Penetration Testing more than any other human. His frequent stints as a teaching assistant for Josh Wright (yes, mandatory back rubs) have ensured that unique distinction.
  • Gravatar Email Enumeration in JavaScript – blog.whitehatsec.com
    A friend recently reminded me about a hackers’ trick − based on using Gravatar − that I’d long forgotten about. The method was last discussed on Stack Overflow a couple of years ago.
  • Mongodb – Security Weaknesses in a typical NoSQL database – blog.spiderlabs.com
    Over the last year or so, I’ve noticed 2 ports appearing more frequently during internal penetration tests, namely 27017/tcp and 28017/tcp.

Vendor/Software Patches

  • Update: PDFiD Version 0.1.2 – blog.didierstevens.com
    This new version is a bugfix version for Python 3 plus I added a new name in the default report: /XFA
  • Weekly Update: Introducing Metasploit 4.5.3 – community.rapid7.com
    This week, we’ve incremented the Metasploit version number by one trivial point to 4.5.3 — this was mainly done to ensure that new users get the fixes for the four most recent vulnerabilities that were fixed by Rails 3.2.13.

Vulnerabilities

Other News

  • What 420,000 insecure devices reveal about Web security – cnet.com
    Using a simple technique, a researcher creates a benign botnet to survey the breadth of the Internet, and finds a back door flung wide open and beckoning the bad guys. Read this article by Don Reisinger on CNET News.
  • A Penetration Tester’s Pledge – pen-testing.sans.org
    Over the weekend, I was thinking about the wonderful psexec capabilities of tools like Metasploit, the Nmap Scripting engine smb-psexec script, and the psexec tool itself from Microsoft Sysinternals.
  • Same hacker may have targeted Ars, reporter Krebs, and Wired’s Honan – arstechnica.com
    Krebs gets the name of hacker tied to attacks, calls him to discover a 20-year-old.
  • The Obscurest Epoch is Today – krebsonsecurity.com
    To say that there is a law enforcement manhunt on for the individuals responsible for posting credit report information on public figures and celebrities at the rogue site exposed.su would be a major understatement.
  • Disconnect: Defunding EnergySec/NESCO and Promoting Info Sharing – digitalbond.com
    The Executive Order and proposed Cybersecurity Legislation focuses on information sharing yet the USG decides to defund an electric sector info sharing org.
  • RC4 in TLS is broken: Now what? – blog.ivanristic.com
    RC4 has long been considered problematic, but until very recently there was no known way to exploit the weaknesses.
  • Cyberattack Disrupts South Korean TV, Banks – threatpost.com
    The other Korea’s specter loomed large among speculators and finger pointers Wednesday morning when reports surfaced that the networks of several prominent South Korean banks and broadcasters dropped offline.
  • Pentagon to Deploy More Than 100 Cyber Teams by 2015 – mashable.com
    Within three years, the Pentagon’s Cyber Command will deploy more than 100 teams focused predominantly on defending military networks rather than attacking adversaries’ systems, according to Defense Department officials.

March 25th, 2013 | Hacking Contests, Security Conferences, Security Tools, Security Vulnerabilities, Week in Review
