Week 16 in Review – 2013

Event Related

• Great Scott Gadgets Infiltrate 2013 – greatscottgadgets.com
  Michael Ossmann and Kyle Osborn presented Two-Timing Data Connectors at Infiltrate 2013.

Resources

• Nessus
  • Using Posh-SecMod PowerShell Module to Automate Nessus(Part1) – darkoperator.com
    One showed me some of the scripts they use and then it came to me why not automate Nessus from with in PowerShell.
  • Security and Networking – Blog – Using Posh-SecMod PowerShell Module to Automate Nessus (Part3) – darkoperator.com
    We can retrieve a list of the reports available on the Nessus Server and the information that they provide with Get-NessusReports function and we provide it a index for the session or an object of Nessus.Server.Session
• The History of Programming Languages Infographic – veracode.com
  In a world of increasing inter-connectivity, programming languages form the foundation. Did you know that the first programming language is over 100 years old and was written by a woman, Ada Lovelace? Join as us we delve into the history, evolution, and prevalance of programming languages over the years.
• Security Book Reviews – securitybookreviews.eu
  A selection of book reviews and suggestions for the Information Security Community, brought to you by the
  [dreamcats](http://dreamcats.org/) conspiracy.
• Penetration testing of iPhone Applications – Part 4 – securitylearn.net
  In the first part of the article, we have discussed about the iPhone application traffic analysis. Second part of the article covered the privacy issues and property list data storage.
• Cracking IKE Mission:Improbable (Part 2) – blog.spiderlabs.com
  A couple of weeks ago I posted Part 1 of Cracking IKE, detailing some useful techniques when cracking Aggressive Mode PSK hashes. In that post we saw that a hash is not always ‘crackable’ and additional steps are required in order to find a correct group name or ID.

Tools

• Still Passing the Hash 15 Years Later: Missing PTH Tools Writeup – WMIC / WMIS / CURL – passing-the-hash.blogspot.com
  The first tool I’m going to talk about is “wmic”. This tool can be used to issue WMI queries to a Windows computer. Note, this tool is only for queries.
• Blueboxs Dexter: Free Android Analysis Tool – blog.bluebox.com
  Bluebox Labs is proud to present Dexter, a free Android application analysis framework with a rich web-based user interface.
• The Social-Engineer Toolkit (SET) Version 5.0 “The Wild West” – trustedsec.com
  TrustedSec is proud to announce the release of the Social-Engineer Toolkit (SET) v5.0 codename: The Wild West.
• pecheck.py – blog.didierstevens.com
  pecheck.py is a wrapper for pefile, but this version has a new feature: check a PE file stored in a (password protected) ZIP file (password infected).

Techniques

• Enumerating Open Shares On The Buffalo Linkstation – 3vildata.com
  Since enumeration seems to be all the rage at the moment, I thought I’d chip in with my own, although admittedly very much less high-profile, one.
• Open Security Research: Creating, Extracting, and Signing JARs – blog.opensecurityresearch.com
  Java Archive (JAR) is a cross-platform archive file format used to compress and bundle multiple files (e.g. Java class files), metadata and resources into a single file with the .jar file extension.
• Can GDB’s List Source Code Be Used for Evil Purposes? – ioactive.com
  The following is a simple trick where you can use GDB as a trampoline to read a file which originally you don’t have enough permission to read. This trick could also be helpful in a binary capture-the-flag (CTF) or reverse engineering challenge.
• Agilebits 1Password support and Design Flaw? – hashcat.net
  This week I finally finished the first milestone, the hashing part of TrueCrypt. That is PBKDF2-HMAC-Whirlpool, -RipeMD160 and -SHA512.
• 
  The beginners guide to breaking website security with nothing more than a Pineapple
  – troyhunt.com
  That’s an easy assumption to make because it’s hard to observe the risk of insufficient transport layer protection being exploited, at least compared to something like XSS or SQL injection. But it turns out that exploiting unprotected network traffic can actually be extremely simple, you just need to have the right gear.
• Hacking and Rooting SOHO Home Routers – securityevaluators.com
  ISE researchers have discovered critical security vulnerabilities in numerous small office/home office (SOHO) routers and wireless access points.

Vendor/Software Patches

• New security protection, fixes for 39 exploitable bugs coming to Java – arstechnica.com
  Oracle plans to release an update for the widely exploited Java browser plugin. The update fixes 39 critical vulnerabilities and introduces changes designed to make it harder to carry out drive-by attacks on end-user computers.

Vulnerabilities

• Linode Hacked Through ColdFusion Zero Day – threatpost.com
  Web hosting company Linode said it was compromised and that the attackers got access to its database, source code and customer credit card numbers.
• If iOS is Less Secure, Why Does Android Get Attacked? – veracode.com
  Software vulnerabilities are the food that keeps viruses, malware and other attacks alive, right? If that’s the case, you’d expect that the software with the most vulnerabilities would also be the software facing, proportionally, the most attacks.

Other News

• FISMA Reform Passes House on 416-0 Vote – bankinfosecurity.com
  The Federal Information Security Amendments Act would require federal agencies to continuously monitor their IT systems for cyberthreats and implement regular